The versions listed below are known to be affected by this issue. If you are using one of those versions, you should update to a newer release that has no known vulnerabilities.
Common Name None VWE-ID VWE-2017-4138 Related Report #5260 Severity Extreme Exploit Difficulty Difficult Platform XenForo Description CAN-SPAM Compliance. Affects add-ons with email templates that do not define plain-text email contents.
Discovered October 2, 2017 Resolved October 15, 2017 Patches Available 4.0.19 Patch Level 3
4.0.18 Patch Level 4
4.0.17 Patch Level 6
4.0.16 Patch Level 7
4.0.15 Patch Level 11Workaround Manually define compliant plain-text variants for all email templates.