VWE-2017-4012
Return to current revision
Differences in Content
-
[template]Vulnerability
| cve=
| aka=
| severity=Extreme
| difficulty=Easy
| description=CAN-SPAM Non-Compliance. Some automatic subscription emails sent during import are missing compliance-related information. Affects XenForo only. Does not affect VaultWiki Lite.
| discover-date=September 13, 2017
| patch-date=September 24, 2017
| patches=4.0.19 Patch Level 2
4.0.18 Patch Level 3
4.0.17 Patch Level 5
4.0.16 Patch Level 6
4.0.15 Patch Level 10
| workaround=While importing content into VaultWiki, add the following line to XenForo's [i]/library/config.php[/i]: -
-
[code]$config['enableMail'] = false;[/code][/template] -
+
[code]$config['enableMail'] = false;[/code]
[/template]