Unknown · Vanilla Forums · CVE-2010-4264
**Name of the Vulnerable Software and Affected Versions**
Vanilla Forums versions prior to 2.0.10
**Description**
A cross-site scripting issue was discovered where a filename could contain arbitrary code to execute on the client side.
**Recommendations**
For versions prior to 2.0.10, update to version 2.0.10 or later to resolve the issue.