The versions listed below are known to be affected by this issue. If you are using one of those versions, you should update to a newer release that has no known vulnerabilities.
Common Name Social Collapse Vulnerability VWE-ID VWE-2016-3128 Related Report None Severity MEDIUM Exploit Difficulty EASY Platform vBulletin Description Permissions escalation in Social Groups. Does not affect Lite versions.
Discovered December 27, 2016 Resolved December 27, 2016 Patches Available 4.0.15 Patch Level 4
4.0.14 Patch Level 7
4.0.13 Patch Level 7
4.0.12 Patch Level 8
4.0.11 Patch Level 8
4.0.10 Patch Level 9
4.0.9 Patch Level 9Workaround The vulnerability allows for unauthorized conversion between a wikified and non-wikified Social Group, resulting in data loss. If the wiki content-type Group is enabled, the only workaround is to prevent users who are not authorized to create wiki Social Groups from creating or editing any Social Groups.
Sub-Categories of VWE-2016-3128
-
#
-
# (cont.)
-
# (cont.)