VWE-2024-6542 Printable Version

https://www.vaultwiki.org/pages/Book/Documentation/VWE-2024-6542
This page is a chapter in Info Known Vulnerabilities

This page has been seen 13,691 times.

- Created by
  pegasus
  on December 6, 2024

Common Name None
VWE-ID VWE-2024-6542
Related Report #6427
Severity LOW
Exploit Difficulty EASY
Platform XenForo 2.x
Description Permissions escalation. Users are able to post wiki content containing more than the maximum number of IMG, MEDIA, and XFMG's GALLERY tags, as defined by the respective admin options.

Discovered August 7, 2024
Resolved September 6, 2024
Patches Available 4.1.7 Patch Level 3
The versions listed below are known to be affected by this issue. If you are using one of those versions, you should update to a newer release that has no known vulnerabilities.

Common Name	None
VWE-ID	VWE-2024-6542
Related Report	#6427
Severity	LOW
Exploit Difficulty	EASY
Platform	XenForo 2.x
Description	Permissions escalation. Users are able to post wiki content containing more than the maximum number of IMG, MEDIA, and XFMG's GALLERY tags, as defined by the respective admin options.
Discovered	August 7, 2024
Resolved	September 6, 2024
Patches Available	4.1.7 Patch Level 3