|
---------------------------------=0D
XSS in Vbulletin 3.6.0 in IE 0nly=0D
---------------------------------=0D
Author: Stefan =0D
Email: stefan@dakotacom.net=0D
Group: EnigmaGroup=0D
---------------------------------=0D
Vulnerable: vbulletin 3.5.4 in IE=0D
Vulnerable: vbulletin 3.6.0 in IE=0D
---------------------------------=0D
Javascript may be executed by =0D
saving code as .pdf and uploading=0D
as attachment.This only works in IE=0D
-----------------------------------=0D
Poc: http://www.xandith.com