CVE-2018-17571 admin 6년 ago CVE-2018-17571 Vanilla before 2.6.1 allows XSS via the email field of a profile. Source: CVE-2018-17571