• Register
    • Help

    striker  0 Items
    Currently Supporting
    • Home
    • News
      • VaultWiki News
      • Visit the Wiki
    • Forum
    • Wiki
    • Support
    • What's New?
    • Buy Now
    • Manual
    • 
    • Home
    • VaultWiki Security Update: October 2022

    1. Welcome to VaultWiki.org, home of the wiki add-on for vBulletin and XenForo!

      VaultWiki allows your existing forum users to collaborate on creating and managing a site's content pages. VaultWiki is a fully-featured and fully-supported wiki solution for vBulletin and XenForo.

      The VaultWiki Team encourages you to join our community of forum administrators and check out VaultWiki for yourself.

    • VaultWiki Security Update: October 2022

      by
      pegasus
      • View Profile
      • View Forum Posts
      • View Blog Entries
      • Visit Homepage
      • View Articles
      Published on October 6, 2022 4:37 PM
      0 Comments Comments
      As of October 6, security patches for October 2022 are now available.

      Issue List

      VWE-2022-6463 is a Data Loss issue, where a user can unwittingly delete a page when they only want to remove the page's node behavior, such as a book or category. The issue affects VaultWiki 4.1.3 and higher, on XenForo 2.x-based platforms only.

      VWE-2022-6466 is a Permissions Escalation issue, where users can submit ratings to wiki content that moderators are unable to remove. The issue affects VaultWiki 4.1.0 RC 2 and higher.

      VWE-2022-6469 is a Permissions Escalation issue, where when the WIDGET BB-Code's Maximum Items in Widget Output is less than the default number for a variant, some variants may render the default number anyway when the count parameter is unspecified. The issue affects all versions of the VaultWiki 4.x series.

      VWE-2022-6470 is a Permissions Escalation issue, where when the WIDGET BB-Code's Maximum Items in Widget Output is less than 25, some variants may render more than permitted. The issue affects VaultWiki 4.0.11 and higher.

      Patches

      The following patches address the aforementioned issues:
      • 4.1.5 Patch Level 3
      • 4.1.4 Patch Level 4
      • 4.1.3 Patch Level 7


      Notes

      We strongly recommend that all users running VaultWiki in a production environment update to a patched release.
    • Contact Us
    • License Agreement
    • Privacy
    • Terms
    • Top
    All times are GMT -4. The time now is 1:25 PM.
    This site uses cookies to help personalize content, to tailor your experience, and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Learn more… Accept Remind me later
  • striker
    Powered by vBulletin® Version 4.2.5 Beta 2
    Copyright © 2023 vBulletin Solutions Inc. All rights reserved.
    Search Engine Optimisation provided by DragonByte SEO (Pro) - vBulletin Mods & Addons Copyright © 2023 DragonByte Technologies Ltd.
    Copyright © 2008 - 2013 VaultWiki Team, Cracked Egg Studios, LLC.