CVE-2012-6668
N/A
N/A
Summary
Multiple cross-site scripting (XSS) vulnerabilities in the Shout Reports in the DragonByte Technologies vBShout module before 6.0.6 for vBulletin allow remote attackers to inject arbitrary web script or HTML via the (1) reportreason parameter in actions/doreport.php or (2) modnotes parameter in actions/updatereport.php.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://www.dragonbyte-tech.com/f4/vbactivity-vbshout-forumon-rpg-vbdownloads-vbquiz-updates-security-releases-6876/
- http://www.securityfocus.com/bid/52715
- http://secunia.com/advisories/48519
- https://exchange.xforce.ibmcloud.com/vulnerabilities/74345
References
- http://www.dragonbyte-tech.com/f4/vbactivity-vbshout-forumon-rpg-vbdownloads-vbquiz-updates-security-releases-6876/
- http://www.securityfocus.com/bid/52715
- http://secunia.com/advisories/48519
- https://exchange.xforce.ibmcloud.com/vulnerabilities/74345
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.