VWE-2016-3128
Return to current revision
Current Revision
April 8, 2018, 11:35 PM
Differences in Content
-
[template]Vulnerability
| cve=
| aka=Social Collapse Vulnerability
| severity=Medium
| difficulty=Easy -
-
| description=Permissions escalation in Social Groups. Affects vBulletin only. Does not affect Lite versions. -
+
| description=Permissions escalation in Social Groups.
| platform=vB
| lite=no -
| discover-date=December 27, 2016
| patch-date=December 27, 2016
| patches=4.0.15 Patch Level 4
4.0.14 Patch Level 7
4.0.13 Patch Level 7
4.0.12 Patch Level 8
4.0.11 Patch Level 8
4.0.10 Patch Level 9
4.0.9 Patch Level 9
| workaround=The vulnerability allows for unauthorized conversion between a wikified and non-wikified Social Group, resulting in data loss. If the wiki content-type Group is enabled, the only workaround is to prevent users who are not authorized to create wiki Social Groups from creating or editing any Social Groups.[/template]