Cross-site scripting (XSS) vulnerability in private.php for vBulletin 3.0.0 Beta 2 allows remote attackers to inject arbitrary web script and HTML via the "Preview Message" capability.Referenceshttp://marc.info/?l=bugtraq&m=105293890422210&w=2http://marc.info/?l=bugtraq&m=105292832607981&w=2
