Cross-site scripting (XSS) vulnerability in Jelsoft vBulletin 2.2.0 allows remote attackers to execute arbitrary script as other users by injecting script into a bulletin board message.
https://exchange.xforce.ibmcloud.com/vulnerabilities/8039
http://www.securityfocus.com/bid/4008