Arbitrary Script Injection in LatestComment Plugin for Vanilla Forums
CVE-2012-6555 · MEDIUM Severity
AV:N/AC:M/AU:N/C:N/I:P/A:N
Cross-site scripting (XSS) vulnerability in the LatestComment plugin 1.1 for Vanilla Forums allows remote attackers to inject arbitrary web script or HTML via the discussion title.
Learn more about our Web App Pen Testing.