Medium severity6.1OSV Advisory· Published Sep 28, 2018· Updated Jun 17, 2026
CVE-2018-17571
CVE-2018-17571
Description
Vanilla before 2.6.1 allows XSS via the email field of a profile.
Affected products
2list+ 1 more
- (no CPE)range: list
- (no CPE)range: <2.6.1
Patches
Vulnerability mechanics
References
1- hackerone.com/reports/361957nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.