<<< Date Index >>>     <<< Thread Index >>>

Re: Re: New Include Redirect Bug XSS All vBulletin v 3.x.x



This isn't a directory traversal, the code is simply output on to the page as 
<frame src="..."> (sanitised of course), so they can only access what is 
available in the physical domain.

Scott MacVicar
Development Team, vBulletin