The versions listed below are known to be affected by this issue. If you are using one of those versions, you should update to a newer release that has no known vulnerabilities.
Common Name None VWE-ID VWE-2018-4666 Related Report None Severity LOW Exploit Difficulty EASY Platform Affects all platforms supported by the vulnerable versions. Description Phishing. Possible to position user-generated content outside their containers using specially crafted custom sidebar block headings. Does not affect Lite versions.
Discovered September 16, 2018 Resolved October 8, 2018 Patches Available 4.0.24 Patch Level 1
4.0.23 Patch Level 3
4.0.22 Patch Level 5
4.0.21 Patch Level 6
4.0.20 Patch Level 9
Workaround It is not possible to workaround this issue.
This page has been seen 734 times.