This is an old revision of this page, as edited February 1, 2016, 10:54 AM by pegasus(contribs). It may differ significantly from the current revision.
The versions listed below are known to be affected by this issue. If you are using one of those versions, you should update to a newer release that has no known vulnerabilities.
Common Name Identity Theft Vulnerability VWE-ID Identity Theft Vulnerability Related Report None Severity HIGH Exploit Difficulty Difficult Platform Affects all platforms supported by the vulnerable versions. Description HTML/Javascript injection
Discovered April 7, 2013 Resolved April 8, 2013 Patches Available 4.0.0 Alpha 5 Workaround Update all areas so that HTML is not allowed in comments.