Cross-site scripting (XSS) vulnerability in memberlist.php in Jelsoft vBulletin 2.0 rc 2 through 2.2.4 allows remote attackers to steal authentication credentials by injecting script into $letterbits.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Vbulletin | Jelsoft | 2.2.0 | 2.2.0 |
Vbulletin | Jelsoft | 2.0_rc2 | 2.0_rc2 |
Vbulletin | Jelsoft | 2.0_rc3 | 2.0_rc3 |
Vbulletin | Jelsoft | 2.2.1 | 2.2.1 |
Vbulletin | Jelsoft | 2.2.4 | 2.2.4 |
Vbulletin | Jelsoft | 2.2.2 | 2.2.2 |
Vbulletin | Jelsoft | 2.2.3 | 2.2.3 |