VWE-2016-2047 Printable Version

https://www.vaultwiki.org/pages/Book/Documentation/VWE-2016-2047
This page is a chapter in Info Known Vulnerabilities

This page has been seen 159,887 times.

    • Created by on
      Last updated by on
Common NamePresumptuous Post Vulnerability
VWE-IDVWE-2016-2047
Related ReportNone
SeverityMINOR
Exploit DifficultyEASY
PlatformXenForo
DescriptionPermissions escalation.
DiscoveredJanuary 30, 2016
ResolvedFebruary 9, 2016
Patches Available4.0.8 Patch Level 2
4.0.7 Patch Level 3
4.0.6 Patch Level 6
4.0.5 Patch Level 6
4.0.4 Patch Level 6
4.0.3 Patch Level 6
4.0.2 Patch Level 9
WorkaroundPhysically remove deleted comments. Adjust permissions so that no users can post comments if their comments would be moderated.
The versions listed below are known to be affected by this issue. If you are using one of those versions, you should update to a newer release that has no known vulnerabilities.