Forum² Admin AWS Posted March 27, 2012 Forum² Admin Posted March 27, 2012 A recent vBulletin 4 (4.1.4 - 4.1.11 Suite & Forum) http://tracker.vbulletin.com/browse/VBIV-14598" target="_blank">report indicated that there was a potential XSS exploit vector in the editor. Once the cause of the issue was isolated, code changes were made to eliminate the reported threat. The issue does not affect vBulletin 3.x and vBulletin 4.0 - 4.1.3. This patch has been issued for vBulletin 4.1.4 through 4.1.11. To improve the security of your vBulletin 4 Suite installation please download the patch from the members area of vBulletin: http://members.vbulletin.com/" target="_blank">http://members.vbulletin.com/ We recommend you install this security patch as soon as possible. The upgrade process is the same as previous patch level releases - simply download the patch from the Members Area, extract the files and upload to your web server, overwriting the existing files. There is no upgrade script required. Advanced Users - Files updated in the patch are: includes/version_vbulletin.php clientscript/ckeplugins/bbcode/plugin.js (if js uncompressed) clientscript/ckeditor/ckeditor.js (if js compressed) Please note that this issue and fix affects BOTH vBulletin SUITE and FORUM. View the full article Quote IPB Webmaster - For Invision Community Enthusiasts - SEO Help Forum
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.