VWE-2019-5453
Return to current revision
Differences in Content
-
[template]Vulnerability
| cve=
| aka=
| severity=Medium
| difficulty=Easy
| description=Permissions Escalation. Wiki social groups are visible to non-group-members via the WIDGET BB-Code, even though the social group is setup to only permit member viewing. The issue affects 4.0.9 and higher, as well as patches for VWE-2016-2064, on vBulletin platforms only.
| platform=vB
| lite=no
| issueid=
| discover-date=December 30, 2019
| patch-date=January 28, 2020
| patches=4.1.0 RC 1
4.0.27 Patch Level 3
4.0.26 Patch Level 5
4.0.25 Patch Level 7
| workaround=
[/template] -
-4.0.8 Patch Level 2
4.0.7 Patch Level 3
4.0.6 Patch Level 6
4.0.5 Patch Level 6
4.0.4 Patch Level 6
4.0.3 Patch Level 6
4.0.2 Patch Level 9