Jelsoft has just announced a security update for vBulletin forum software that resolves a cross-site scripting (XSS) error. These are patch level fixes for the existing vBulletin 3.7.1 and 3.6.10 versions that focus on the XSS flaw.
According to the Jelsoft announcement:
...it is difficult to exploit the XSS flaw, and the potential for exposure and damage is limited...However, the implications of the flaw are not entirely clear in the announcement. Has anybody out there had problems with this cross-site scripting error?