CVE-2014-9919

An issue was discovered in Bilboplanet 2.0. Stored XSS exists in the fullname parameter to signup.php.