VWE-2019-5391 Printable Version

https://www.vaultwiki.org/pages/Book/Documentation/VWE-2019-5391
This page is a chapter in Info Known Vulnerabilities

This page has been seen 210,855 times.

- Created by
  pegasus
  on October 12, 2019

Common Name None
VWE-ID VWE-2019-5391
Related Report None
Severity MEDIUM
Exploit Difficulty NORMAL
Platform Affects all platforms supported by the vulnerable versions.
Description Phishing. User-positioned elements are not restricted within the relevant position's container. Does not affect Lite versions.

Discovered October 8, 2019
Resolved October 12, 2019
Patches Available 4.1.0 Beta 4
4.0.27 Patch Level 1
4.0.26 Patch Level 3
4.0.25 Patch Level 5
Workaround In your AdminCP's BB-Code Manager, disable the following BB-Codes: DIV, SPAN, TABLE.
The versions listed below are known to be affected by this issue. If you are using one of those versions, you should update to a newer release that has no known vulnerabilities.

Common Name	None
VWE-ID	VWE-2019-5391
Related Report	None
Severity	MEDIUM
Exploit Difficulty	NORMAL
Platform	Affects all platforms supported by the vulnerable versions.
Description	Phishing. User-positioned elements are not restricted within the relevant position's container. Does not affect Lite versions.
Discovered	October 8, 2019
Resolved	October 12, 2019
Patches Available	4.1.0 Beta 4 4.0.27 Patch Level 1 4.0.26 Patch Level 3 4.0.25 Patch Level 5
Workaround	In your AdminCP's BB-Code Manager, disable the following BB-Codes: DIV, SPAN, TABLE.