[VIM] vendor dispute on CVE-2006-3253

Stuart Moore smoore at securityglobal.net
Mon Jul 3 13:06:45 EDT 2006

The vendor has contacted us to dispute the crazy cracker posting 
regarding a cross-site scripting vulnerability in vBulletin:


The vendor has been unable to reproduce this, testing versions 3.5.4, 
3.6.0 and even 3.0.x.

I did some random spot testing and was also unable to reproduce anything.

Interestingly, crazy cracker's web site runs vBulletin 3.5.4.

I've sent mail to crazy cracker to ask for additional information, but 
last time I did that, I got no response.


More information about the VIM mailing list