Cross-site scripting (XSS) vulnerability in vbugs.php in Dark_Wizard vBug Tracker 3.5.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the sortorder parameter.
Affected Software
Name |
Vendor |
Start Version |
End Version |
Vbug_tracker |
Jelsoft |
* |
3.5.1 (including) |
References