Vanilla Forums · Vanilla · CVE-2020-8825
**Name of the Vulnerable Software and Affected Versions**
Vanilla version 2.6.3
**Description**
The issue allows for stored XSS in the `index.php?p=/dashboard/settings/branding` endpoint.
**Recommendations**
For version 2.6.3, update to a newer version that contains a fix for this issue.