Vulnerabilities > Vbulletin > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-03 | CVE-2020-25115 | Cross-site Scripting vulnerability in Vbulletin 5.6.3 The Admin CP in vBulletin 5.6.3 allows XSS via an Occupation Title or Description to User Profile Field Manager. | 3.5 |
| 2020-09-03 | CVE-2020-25116 | Cross-site Scripting vulnerability in Vbulletin 5.6.3 The Admin CP in vBulletin 5.6.3 allows XSS via an Announcement Title to Channel Manager. | 3.5 |
| 2020-09-03 | CVE-2020-25117 | Cross-site Scripting vulnerability in Vbulletin 5.6.3 The Admin CP in vBulletin 5.6.3 allows XSS via a Junior Member Title to User Title Manager. | 3.5 |
| 2020-09-03 | CVE-2020-25118 | Cross-site Scripting vulnerability in Vbulletin 5.6.3 The Admin CP in vBulletin 5.6.3 allows XSS via a Style Options Settings Title to Styles Manager. | 3.5 |
| 2020-09-03 | CVE-2020-25119 | Cross-site Scripting vulnerability in Vbulletin 5.6.3 The Admin CP in vBulletin 5.6.3 allows XSS via a Title of a Child Help Item in the Login/Logoff part of the User Manual. | 3.5 |
| 2020-09-03 | CVE-2020-25120 | Cross-site Scripting vulnerability in Vbulletin 5.6.3 The Admin CP in vBulletin 5.6.3 allows XSS via the admincp/search.php?do=dosearch URI. | 3.5 |
| 2020-09-03 | CVE-2020-25121 | Cross-site Scripting vulnerability in Vbulletin 5.6.3 The Admin CP in vBulletin 5.6.3 allows XSS via the Paid Subscription Email Notification field in the Options. | 3.5 |
| 2020-09-03 | CVE-2020-25122 | Cross-site Scripting vulnerability in Vbulletin 5.6.3 The Admin CP in vBulletin 5.6.3 allows XSS via a Rank Type to User Rank Manager. | 3.5 |
| 2020-09-03 | CVE-2020-25123 | Cross-site Scripting vulnerability in Vbulletin 5.6.3 The Admin CP in vBulletin 5.6.3 allows XSS via a Smilie Title to Smilies Manager. | 3.5 |
| 2020-09-03 | CVE-2020-25124 | Cross-site Scripting vulnerability in Vbulletin 5.6.3 The Admin CP in vBulletin 5.6.3 allows XSS via an admincp/attachment.php&do=rebuild&type= URI. | 3.5 |