VWE-2019-5266 Viewing Source [template]Vulnerability | cve= | aka= | severity=Medium | difficulty=Normal | description=Permissions Escalation. Users can use specially crafted BB-Codes and template parameters to circumvent area parser settings. | platform=XF2 | lite=no | issueid=5779 | discover-date=May 31, 2019 | patch-date=June 7, 2019 | patches=4.1.0 Beta 2 | workaround=In AdminCP > Wiki > Structures > Content Types, disable the Template type. [/template] 445 characters