XSS Vector on vBulletin-based Installs
First and foremost, Gamma 3 resolves a potential cross-site scripting vector that affects vBulletin-compatible releases. If you are running VaultWiki on XenForo, this vulnerability does NOT apply to you. This vulnerability affects VaultWiki 4 versions only. VaultWiki 3 is unaffected.We highly recommend that vBulletin users upgrade to Gamma 3 as soon as they are able. This vector allows forum users to post arbitrary HTML and Javascript in your wiki, and it is relatively easy to exploit. Although some wikis might not be vulnerable, most live installations of VaultWiki 4 are.
Because previous releases are vulnerable, they have been removed from the download area to protect users from installing them or learning to exploit the vulnerability. Due to our End-of-Life and patching policies, and since non-Release Candidate releases cannot be patched by our system, any vBulletin-based forums using VaultWiki 4 will need a current license in order to obtain a patched download.
If your license is expired, we recommend disabling your wiki by placing it in maintenance mode until you are able to renew your license.
Improved Performance
Gamma 3 improves VaultWiki's performance in a number of respects.Disable Unused Features
A new section has been added to the Admin Panel's Structures tab, called "Content Types." This section allows admins to disable wiki features they do not intend to use, which prevents the wiki from initializing unused features, and prevents users from trying to access them anyway.Disable the Sidebar
You can now completely disable the wiki sidebar. Previously you could hide the sidebar by disabling every block individually, but VaultWiki would still run a number of processes intended to find enabled blocks and combine them. The new setting prevents VaultWiki from processing sidebar data entirely.Lower Memory Usage
Prior to Gamma 3, the larger the wiki grew, the more memory it required to keep track of what pages existed or not. VaultWiki uses this information when routing pages and creating wiki links. In Gamma 3, the memory footprint of these caches have been reduced by about 75%, which means more room to grow.Faster Auto-Links
Using a number of software engineering tricks, the process of discovering auto-links in large amounts of text, in multiple text blocks, and for very large wikis have been drastically improved. The auto-linker now has several discovery methods at its disposal, and it can choose the most efficient option for the current request on the fly. Additionally, it performs some pre-filtering on the search queries rather than on the result set. Combined, these changes have reduced auto-link processing time between 50% - 90%, depending on the situation.Release Notes
VaultWiki 4 Gamma 3 should be usable on both vBulletin-based and XenForo-based production sites.We maintain the Gamma status due to new features that are added or will be added soon and still require more real-world testing.