The versions listed below are known to be affected by this issue. If you are using one of those versions, you should update to a newer release that has no known vulnerabilities.
Common Name Link Recall Vulnerability VWE-ID VWE-2010-0075 Related Report None Severity HIGH Exploit Difficulty EASY Platform Affects all platforms supported by the vulnerable versions. Description HTML/Javascript injection. Does not affect Lite versions.
Discovered September 18, 2010 Resolved September 30, 2010 Patches Available 3.0.4
2.5.7 Patch Level 3Workaround In Settings > Options > VaultWiki: Server Settings, disable "Enable Link Caching."
Sub-Categories of VWE-2010-0075
-
#
-
# (cont.)
-
# (cont.)