The versions listed below are known to be affected by this issue. If you are using one of those versions, you should update to a newer release that has no known vulnerabilities.
Common Name None VWE-ID VWE-2017-4326 Related Report None Severity HIGH Exploit Difficulty NORMAL Platform Affects all platforms supported by the vulnerable versions. Description Permissions Escalation / Data Loss. Due to a flaw in vw_Fetch_Controller::get_by_route, add-ons that relied on the function may be exposing the wrong content to users or otherwise performing data changes against the wrong content. Does not affect unmodified versions of VaultWiki.
Discovered December 31, 2017 Resolved January 10, 2018 Patches Available 4.0.20 Patch Level 2
4.0.19 Patch Level 5
4.0.18 Patch Level 6
4.0.17 Patch Level 8
4.0.16 Patch Level 9
This page has been seen 271,213 times.
-
-
Created by on
-