VWE-2021-6247 Printable Version

https://www.vaultwiki.org/pages/Book/Documentation/VWE-2021-6247
This page is a chapter in Info Known Vulnerabilities

This page has been seen 102,615 times.

- Created by
  pegasus
  on October 25, 2021
  
  Last updated by
  pegasus
  on October 27, 2021

Common Name None
VWE-ID VWE-2021-6247
Related Report None
Severity MEDIUM
Exploit Difficulty EASY
Platform XenForo 2.x
Description Denial of Service. A user can force an existing wiki attachment to become inaccessible by editing it and uploading a new version. Does not affect Lite versions.

Discovered October 6, 2021
Resolved October 25, 2021
Patches Available 4.1.2 Patch Level 3
4.1.1 Patch Level 8
The versions listed below are known to be affected by this issue. If you are using one of those versions, you should update to a newer release that has no known vulnerabilities.

Common Name	None
VWE-ID	VWE-2021-6247
Related Report	None
Severity	MEDIUM
Exploit Difficulty	EASY
Platform	XenForo 2.x
Description	Denial of Service. A user can force an existing wiki attachment to become inaccessible by editing it and uploading a new version. Does not affect Lite versions.
Discovered	October 6, 2021
Resolved	October 25, 2021
Patches Available	4.1.2 Patch Level 3 4.1.1 Patch Level 8