Description

Multiple cross-site scripting (XSS) vulnerabilities in Vanilla Forums before 2.0.18.13 and 2.1.x before 2.1.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Remediation

References

CVE-2014-9685

Related Vulnerabilities

MediaWiki Improper Authentication Vulnerability (CVE-2018-0505)

WordPress Plugin Share Posts To Email Cross-Site Scripting (1.0.2)

OpenVPN AS Insertion of Sensitive Information into Log File Vulnerability (CVE-2022-33737)

WordPress Plugin WP iCommerce-the first interactive ecommerce for wordpress SQL Injection (1.1.1)

Jboss EAP CVE-2018-8088 Vulnerability (CVE-2018-8088)

Severity

Medium

Classification

CVE-2014-9685 CWE-707

Tags

Missing Update Known Vulnerabilities