Posted by oststrom (public) on Oct 14

Hash: SHA1

CVE-2013-2021 – vBulletin 5.x/4.x – persistent XSS in AdminCP/ApiLog via
xmlrpc API (post-auth)

============================================================================
====================

Overview

——–

date : 10/12/2014

cvss : 4.6 (AV:N/AC:H/Au:S/C:P/I:P/A:P) base

cwe : 79

vendor : vBulletin Solutions

product : vBulletin 4

versions affected : latest 4.x and 5.x (to date);…