• Register
    • Help

    striker  0 Items
    Currently Supporting
    • Home
    • News
      • VaultWiki News
      • Visit the Wiki
    • Forum
    • Wiki
    • Support
    • What's New?
    • Buy Now
    • Manual
    • 
    • Home
    • VaultWiki News

    1. Welcome to VaultWiki.org, home of the wiki add-on for vBulletin and XenForo!

      VaultWiki allows your existing forum users to collaborate on creating and managing a site's content pages. VaultWiki is a fully-featured and fully-supported wiki solution for vBulletin and XenForo.

      The VaultWiki Team encourages you to join our community of forum administrators and check out VaultWiki for yourself.

    • pegasus

      VaultWiki Security Update: March 2024 

      by
      pegasus
      • View Profile
      • View Forum Posts
      • View Blog Entries
      • Visit Homepage
      • View Articles
      Published on March 8, 2024 11:17 AM

      As of March 8, security patches for March 2024 are now available.

      Issue List

      VWE-2024-6530 is an Uninstall issue, where uninstallation is interrupted by an E_WARNING if there is a wiki moderator who is neither a super moderator nor a moderator of non-wiki content. The issue affects VaultWiki 4.1.0 Beta 4 and higher, on XenForo 2.x-based platforms only.

      VWE-2024-6531 is an Install issue, where a database error prevents access to the install script. The issue affects VaultWiki 4.1.7 and higher, on vBulletin-based platforms only.

      VWE-2024-6532 is an Uninstall issue, where a fatal error prevents access to the uninstall script. The issue affects all versions of the VaultWiki 4.1.x series, on XenForo 1.x-based platforms only.

      VWE-2024-6534 is an Install issue, where the moderator creation popup does not appear if existing usergroups contain non-UTF-8 characters, preventing the install process from completing. The issue affects all versions of the VaultWiki 4.1.x series, on vBulletin-based platforms only.

      VWE-2024-6535 is an Install issue, where a fatal error occurs during installation of default option values. The issue affects VaultWiki 4.1.5 and higher, on XenForo 1.x-based platforms only.

      VWE-2024-6537 is a Data Loss issue, where a user who leaves all wiki social groups, or who is a wiki moderator that is removed as wiki moderator, will be removed from all secondary user groups. The issue affects VaultWiki 4.0.9 and higher, on vBulletin-based platforms only.

      VWE-2024-6538 is a Permissions Escalation issue, where administrators receive an error when attempting to edit custom permissions for guests within a specific area, preventing them from revoking permissions in that area. The issue affects VaultWiki 4.1.5 and higher, on XenForo-based platforms only.

      VWE-2024-6539 is an Install issue, where a fatal error occurs when installing default wiki content, due to a flawed workaround for a bug in XenForo 2.2.13 that leaves parser classes unavailable during installation. The issue affects VaultWiki 4.1.7, on XenForo 2.x-based platforms only.

      Patches

      The following patches address the aforementioned issues:
      • 4.1.7 Patch Level 1


      Notes

      We strongly recommend that all users running VaultWiki in a vBulletin-based production environment update to a patched release. We recommend that all users running VaultWiki in a XenForo-based production environment update to a patched release.

      VaultWiki 4.1.7 and XenForo 2.2.13 

      by
      pegasus
      • View Profile
      • View Forum Posts
      • View Blog Entries
      • Visit Homepage
      • View Articles
      Published on June 1, 2023 11:22 AM

      VaultWiki 4.1.7 was released for licensed customers on May 14. This version is a maintenance release with roughly 20 bug fixes.

      For a list of changes in this release, please see Changelog for 4.1.7. If you are a style or language pack maintainer, please check here for changes which may affect you.

      Important: Compatibility with XenForo 2.2.13

      XenForo 2.2.13 was released after VaultWiki 4.1.7, and as a result, there were some unforeseen compatibility issues where XenForo's code had changed unexpectedly, including a showstopper issue making the forum unusable while both VaultWiki and XenForo's debug mode were active simultaneously.

      As of June 1, the VaultWiki 4.1.7 package has been patched to workaround XenForo's code changes. If you are using any earlier VaultWiki version, or a copy of 4.1.7 acquired before June 1, please beware that you must update your files using the June 1 package or you may find your forum becomes unusable if you upgrade XenForo to 2.2.13.

      Release Notes

      VaultWiki 4.1.7 improves product stability. We encourage everyone using VaultWiki to update to this release for the best experience and compatibility.

      VaultWiki 4.1.6 

      by
      pegasus
      • View Profile
      • View Forum Posts
      • View Blog Entries
      • Visit Homepage
      • View Articles
      Published on November 12, 2022 12:10 PM

      VaultWiki 4.1.6 is now available for licensed customers. This version is a maintenance release with roughly 100 bug fixes.

      For a list of changes in this release, please see Changelog for 4.1.6. If you are a style or language pack maintainer, please check here for changes which may affect you.

      Some Improvements

      Aside from 100 bug fixes, VaultWiki 4.1.6 adds support for new collations in recent versions of MySQL that can allow for a wider variety of wiki titles and can improve title conflict resolution.

      This version makes some tweaks to how edits are weighted when calculating page rating averages, including using a faster algorithm, and reducing the effect of minor edits on averages.

      This release also increases the default lifetime for automatically created synonyms, which are typically created when a page is renamed. We have also added a setting to allow admins to set the lifetime to a value that works best for their site.

      Release Notes

      VaultWiki 4.1.6 improves product stability. We encourage anyone using VaultWiki to update to this release for the best experience.

      VaultWiki Security Update: November 2022 

      by
      pegasus
      • View Profile
      • View Forum Posts
      • View Blog Entries
      • Visit Homepage
      • View Articles
      Published on November 9, 2022 12:21 PM

      As of November 9, security patches for November 2022 are now available.

      Issue List

      VWE-2022-6473 is a Permissions Escalation issue, where a forum moderator can bypass the disallowed titles list when converting a thread to a wiki page. The issue affects VaultWiki 4.0.16 and higher.

      VWE-2022-6474 is a Permissions Escalation issue, where a forum moderator can bypass the prefix limitations of the target area when converting a thread to a wiki page. The issue affects VaultWiki 4.0.16 and higher.

      VWE-2022-6477 is a Subscription Management issue, where a user's attempts to disable all email notifications simultaneously in the default wiki subscription folder fails with a permissions error. The issue affects all versions of the VaultWiki 4.1.x series.

      VWE-2022-6478 is a Subscription Management issue, where a user's attempts to disable email notifications for all wiki subscription folders simultaneously fails with a permissions error. The issue affects all versions of the VaultWiki 4.1.x series.

      VWE-2022-6479 is a Subscription Management issue, where a user's attempts to unwatch all subscriptions simultaneously in the default wiki subscription folder fails with a permissions error. The issue affects all versions of the VaultWiki 4.1.x series.

      Patches

      The following patches address the aforementioned issues:
      • 4.1.5 Patch Level 4
      • 4.1.4 Patch Level 6
      • 4.1.3 Patch Level 8


      Notes

      We strongly recommend that all users running VaultWiki in a production environment update to a patched release.

      VaultWiki Security Update: October 2022 

      by
      pegasus
      • View Profile
      • View Forum Posts
      • View Blog Entries
      • Visit Homepage
      • View Articles
      Published on October 6, 2022 4:37 PM

      As of October 6, security patches for October 2022 are now available.

      Issue List

      VWE-2022-6463 is a Data Loss issue, where a user can unwittingly delete a page when they only want to remove the page's node behavior, such as a book or category. The issue affects VaultWiki 4.1.3 and higher, on XenForo 2.x-based platforms only.

      VWE-2022-6466 is a Permissions Escalation issue, where users can submit ratings to wiki content that moderators are unable to remove. The issue affects VaultWiki 4.1.0 RC 2 and higher.

      VWE-2022-6469 is a Permissions Escalation issue, where when the WIDGET BB-Code's Maximum Items in Widget Output is less than the default number for a variant, some variants may render the default number anyway when the count parameter is unspecified. The issue affects VaultWiki 4.0.11 and higher.

      VWE-2022-6470 is a Permissions Escalation issue, where when the WIDGET BB-Code's Maximum Items in Widget Output is less than 25, some variants may render more than permitted. The issue affects VaultWiki 4.0.11 and higher.

      Patches

      The following patches address the aforementioned issues:
      • 4.1.5 Patch Level 3
      • 4.1.4 Patch Level 5
      • 4.1.3 Patch Level 7


      Notes

      We strongly recommend that all users running VaultWiki in a production environment update to a patched release.

      VaultWiki Security Update: September 2022 

      by
      pegasus
      • View Profile
      • View Forum Posts
      • View Blog Entries
      • Visit Homepage
      • View Articles
      Published on September 9, 2022 4:27 PM

      As of September 9, security patches for September 2022 are now available.

      Issue List

      VWE-2022-6458 is a Permissions Escalation issue, where a user can change tags for a wiki page even though they don't have permissions to tag that page, as long as they know the URL for the page's tag editor and have permissions to change the page's categories. The issue affects VaultWiki 4.1.3 and higher. Prior to 4.1.3, there was no separate permission for changing tags.

      Patches

      The following patches address the aforementioned issue:
      • 4.1.5 Patch Level 2
      • 4.1.4 Patch Level 4
      • 4.1.3 Patch Level 6


      Notes

      We highly recommend that all users running VaultWiki in a production environment update to a patched release as soon as they are able.

      VaultWiki Security Update: July 2022 

      by
      pegasus
      • View Profile
      • View Forum Posts
      • View Blog Entries
      • Visit Homepage
      • View Articles
      Published on July 7, 2022 12:11 PM

      As of July 7, security patches for July 2022 are now available.

      Issue List

      VWE-2022-6453 is a Permissions Escalation issue, where a user is able to manage the wiki integrations on another user's profile. The issue affects VaultWiki 4.0.0 Beta 7 and higher, on XenForo 1.x platforms only.

      Patches

      The following patches address the aforementioned issue:
      • 4.1.5 Patch Level 1
      • 4.1.4 Patch Level 3
      • 4.1.3 Patch Level 5


      Notes

      We highly recommend that all users running VaultWiki on XenForo 1.x in a production environment update to a patched release as soon as they are able.
      Page 2 of 32 FirstFirst Previous 123412 ... Next LastLast
    • Contact Us
    • License Agreement
    • Privacy
    • Terms
    • Top
    All times are GMT -4. The time now is 3:11 PM.
    This site uses cookies to help personalize content, to tailor your experience, and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Learn more… Accept Remind me later
  • striker
    Powered by vBulletin® Version 4.2.5 Beta 2
    Copyright © 2025 vBulletin Solutions Inc. All rights reserved.
    Search Engine Optimisation provided by DragonByte SEO (Pro) - vBulletin Mods & Addons Copyright © 2025 DragonByte Technologies Ltd.
    Copyright © 2008 - 2024 VaultWiki Team, Cracked Egg Studios, LLC.