QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2018-12580

Back to search

CVE-2018-12580

Published: Jun 19, 2018

Modified: Sep 17, 2024

PUBLISHED

Description

library/DBTech/Security/Action/Sessions.php in DragonByte vBSecurity 3.x through 3.3.0 for vBulletin 3 and vBulletin 4 allows self-XSS via $session['user_agent'] in the "Login Sessions" feature.

VendorProductVersions

n/a

n/a

affected
n/a

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now