The versions listed below are known to be affected by this issue. If you are using one of those versions, you should update to a newer release that has no known vulnerabilities.
Common Name None VWE-ID VWE-2021-6343 Related Report #6278 Severity HIGH Exploit Difficulty NORMAL Platform XenForo 2.x Description Denial of Service. A user can cause any page showing BB-Code content to render as a fatal error by leveraging a flaw in the WIDGET BB-Code's forum and thread renderers. Does not affect Lite versions.
Discovered November 29, 2021 Resolved December 1, 2021 Patches Available 4.1.3 Patch Level 1
4.1.2 Patch Level 4
4.1.1 Patch Level 9
This page has been seen 231,143 times.
-
-
Created by on
-