Common Name | None |
VWE-ID | VWE-2017-3437 |
Related Report | None |
Severity | Extreme |
Exploit Difficulty | NORMAL |
Platform | Affects all platforms supported by the vulnerable versions. |
Description | Denial of Service Amplification involving thumbnail requests. Does not affect Lite versions.
|
Discovered | February 14, 2017 |
Resolved | February 17, 2017 |
Patches Available | 4.0.16 Patch Level 1
4.0.15 Patch Level 5
4.0.14 Patch Level 8
4.0.13 Patch Level 8
4.0.12 Patch Level 9
4.0.11 Patch Level 9
4.0.10 Patch Level 10
4.0.9 Patch Level 10 |
Workaround | In the Wiki Admin Panel, go to Content > Attachments. Edit all file-types and make sure "Is this an image type?" is set to "No." |
The versions listed below are known to be affected by this issue. If you are using one of those versions, you should update to a newer release that has no known vulnerabilities.