The versions listed below are known to be affected by this issue. If you are using one of those versions, you should update to a newer release that has no known vulnerabilities.
Common Name Target Injection Vulnerability VWE-ID VWE-2011-0100 Related Report None Severity HIGH Exploit Difficulty EASY Platform Affects all platforms supported by the vulnerable versions. Description HTML/Javascript injection. Does not affect Lite versions.
Discovered June 14, 2011 Resolved June 23, 2011 Patches Available 3.0.12
3.0.11 Patch Level 1
3.0.10 Patch Level 1
3.0.9 Patch Level 1
3.0.8 Patch Level 1
3.0.7 Patch Level 1
3.0.6 Patch Level 1
3.0.5 Patch Level 1
3.0.4 Patch Level 1
3.0.3 Patch Level 1
3.0.2 Patch Level 1
3.0.1 Patch Level 1Workaround In Settings > Options > VaultWiki: Server Settings, disable "Enable Link Caching."
Sub-Categories of VWE-2011-0100
-
#
-
# (cont.)
-
# (cont.)