The versions listed below are known to be affected by this issue. If you are using one of those versions, you should update to a newer release that has no known vulnerabilities.
Common Name None VWE-ID VWE-2020-5643 Related Report #5972 Severity MEDIUM Exploit Difficulty EASY Platform XenForo 2.x Description Subscription Management. Alerts for likes or reactions of content contributed to are sent even if the user is not opted-in to that alert.
Discovered March 7, 2020 Resolved April 7, 2020 Patches Available 4.1.0 RC 2 Patch Level 1
4.1.0 RC 1 Patch Level 2
This page has been seen 126,482 times.
-
-
Created by on
-