2019-03-02 01:00:00
Kaspersky
PUBLISHED
Multiple stored XSS in Vanilla Forums before 2.5 allow remote attackers to inject arbitrary JavaScript code into any message on forum.