[+] Credits: snop.

[+] Domains: rabbitz.org


Vulnerability Type:
===================
XSS


Vendor:
===================
www.xenforo.com


Product:
=====================================================================
XenForo <= 1.4.9

A compelling community experience. Intuitive. Social. Engaging. Fast.
XenForo brings a fresh outlook to forum software.


Advisory Information:
====================================================

Reflected Cross Site Scripting Vulnerability:


Vulnerability Details:
=====================

No Useraccount required.
------------------------------------

vulnerable URL:
https://website/community/register/validate-field

vulnerable POST parameter:
'name='


Severity Level:
=========================================================
High