You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
vBulletin does not filter HTML tags from URI parameters, making it prone to cross-site scripting attacks.
As a result, it is possible for a remote attacker to create a malicious link containing script code which will be executed in the browser of a legitimate user, in the context of the website running vBulletin.
This issue may be exploited to steal cookie-based authentication credentials from legitimate users of the website running the vulnerable software.