CVE-2004-0091

Name of the Vulnerable Software and Affected Versions vBulletin (affected versions not specified)

Description A cross-site scripting (XSS) issue in register.php allows remote attackers to inject arbitrary HTML or web script via the reg site (or possibly regsite) parameter. The vendor has disputed this issue, stating that there is no hidden field called 'reg site' nor any $reg site variable in the vBulletin 2 or vBulletin 3 source code or templates.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.