# Title: Vanilla Tagging Stored XSS # Date: 1/6/12 # Author: Henry Hoggard # Author URL: henryhoggard.co.uk # Author Twitter: @henryhoggard # Software: Vanilla Version 2.0.18.4 # http://vanillaforums.org/download Create a new thread and post your XSS as tag. I used You will have to use a proxy / manipulate the form to bypass the max-length on the form. Once you have posted the thread, send an administrator or moderator to http://server/index.php?p=/vanilla/post/editdiscussion/7 Where 7 is the thread ID of the thread you just made. The XSS will then trigger. You can even use a URL shortener to send the link. Note: The URL may be different depending on what category your thread is in. #############################################################