CVE-2020-25120

The Admin CP in vBulletin 5.6.3 allows XSS via the admincp/search.php?do=dosearch URI.

Source: CVE-2020-25120