VWE-2021-6148 Printable Version

https://www.vaultwiki.org/pages/Book/Documentation/VWE-2021-6148
This page is a chapter in Info Known Vulnerabilities

This page has been seen 173,989 times.

- Created by
  pegasus
  on October 17, 2021

Common Name None
VWE-ID VWE-2021-6148
Related Report None
Severity HIGH
Exploit Difficulty EASY
Platform XenForo
Description Data Loss. Deferred tasks containing a reference to the triggering content can fail to queue due to unencoded IP data, leading to data denormalization, orphaned content, and other issues.

Discovered July 24, 2021
Resolved July 25, 2021
Patches Available 4.1.2 Patch Level 1
4.1.1 Patch Level 6
4.1.0 Patch Level 8
The versions listed below are known to be affected by this issue. If you are using one of those versions, you should update to a newer release that has no known vulnerabilities.

Common Name	None
VWE-ID	VWE-2021-6148
Related Report	None
Severity	HIGH
Exploit Difficulty	EASY
Platform	XenForo
Description	Data Loss. Deferred tasks containing a reference to the triggering content can fail to queue due to unencoded IP data, leading to data denormalization, orphaned content, and other issues.
Discovered	July 24, 2021
Resolved	July 25, 2021
Patches Available	4.1.2 Patch Level 1 4.1.1 Patch Level 6 4.1.0 Patch Level 8