VWE-2016-3112
Return to current revision
Current Revision
February 16, 2017, 2:23 PM
General Differences
made the following changes
- removed the title prefix 'XSS'
- changed the title from 'Opt-Block Vulnerability' to 'VWE-2016-3112'
Differences in Content
-
[template]Vulnerability
| cve=
| aka=Opt-Block Vulnerability
| severity=High
| difficulty=Easy
| description=CAN-SPAM Non-Compliance.
| discover-date=December 20, 2016
| patch-date=December 21, 2016
| patches=4.0.15 Patch Level 3
4.0.14 Patch Level 6
4.0.13 Patch Level 6
4.0.12 Patch Level 7
4.0.11 Patch Level 7
4.0.10 Patch Level 8
4.0.9 Patch Level 8
4.0.8 Patch Level 10
| workaround=For unsent notifications, set Settings > VaultWiki: Notifications > Enable Wiki Subscriptions = No. For notifications that were already sent, the only solution is applying a patch.[/template]