The versions listed below are known to be affected by this issue. If you are using one of those versions, you should update to a newer release that has no known vulnerabilities.
Common Name Mirror Injection Vulnerability VWE-ID VWE-2015-1040 Related Report None Severity HIGH Exploit Difficulty Difficult Platform vBulletin Description HTML/Javascript injection.
Discovered April 12, 2015 Resolved April 13, 2015 Patches Available 4.0.2 Patch Level 3
4.0.1 Patch Level 6Workaround Update all wiki areas so that comments are not allowed.