The versions listed below are known to be affected by this issue. If you are using one of those versions, you should update to a newer release that has no known vulnerabilities.
Common Name None VWE-ID VWE-2018-4625 Related Report None Severity HIGH Exploit Difficulty NORMAL Platform Affects all platforms supported by the vulnerable versions. Description Denial of Service Amplification. A distributed attack that posts comments to a single wiki discussion may be able to achieve denial of service due to a flaw in the quick reply handler.
Discovered July 27, 2018 Resolved August 27, 2018 Patches Available 4.0.23 Patch Level 2
4.0.22 Patch Level 4
4.0.21 Patch Level 5
4.0.20 Patch Level 8
4.0.19 Patch Level 11
Workaround In the Wiki admin panel, go to Permissions > Usergroups, and make sure that any usergroups that could potentially include large numbers of users do not have permission to post new comments.
This page has been seen 1,172 times.