The versions listed below are known to be affected by this issue. If you are using one of those versions, you should update to a newer release that has no known vulnerabilities.
Common Name None VWE-ID VWE-2018-4356 Related Report None Severity MEDIUM Exploit Difficulty Difficult Platform Affects all platforms supported by the vulnerable versions. Description Denial of Service. It may be possible to prevent moderators from deleting a wiki page or other content by abusing child content and other relations.
Discovered February 6, 2018 Resolved February 8, 2018 Patches Available 4.0.20 Patch Level 3
4.0.19 Patch Level 6
4.0.18 Patch Level 7
4.0.17 Patch Level 9
Workaround It is not possible to workaround this issue.
NotesDefault installations of both vBulletin and XenForo 1.x suffer from a similar issue, but they do not treat it as a security issue.
This page has been seen 1,612 times.