Announcement

Collapse
No announcement yet.

XSS flaw on vb3.8.2?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Floris
    replied
    Despite that it is their fault, a release is as is. Because nobody is perfect. I have yet to find a software online or offline that didn't have security problems. This is why there are incremental version releases. 3.8.2 is multiple versions behind and you could do a full upgrade. Which is available to you as long as the download access allows this. Security patches ARE free downloads, but they are only valid for the version they're made for.

    Until vBulletin Solutions changes their license agreement and charge per branch, you can download basically every version available to you within the period your license grants you download access, which is 12 months. The upgrade fee is $60, at the moment, and early renewers get a $20 discount.

    Unlike other companies who charge from 3.6 to 3.7 for example, vBulletin has always allowed 'whichever version is currently the latest'. And give you 12 months download access where within this is valid. that's quite flexible.

    Leave a comment:


  • Andreas
    replied
    None.

    Those patches are only functional for their respective Versions (eg. 3.8.1, 3.8.3 and 3.8.4).

    What you can do:
    Download the patches for 3.8.3 and 3.8.4, compare them with your 3.8.2 files - and merge those changes that were done to fix the security issues (though this requires a fair amout of programming knowledge).

    Leave a comment:


  • WaaDaa
    replied
    This should not be true because XSS flaw is not our fault. It is the fault of the Vbulletin program writers.

    Even my licence expired I should have a patch only to correct this Xss Flaw issue.

    So please someone tell us which of the below patches we should use for the version 3.8.2
    • Security patch: 3.8.4 PL1
    • Security patch for 3.8.3 (included in 3.8.4+)
    • Security patch: 3.8.1 PL1
    Thanks in advance.

    Leave a comment:


  • Floris
    replied
    You can't. You have to renew your license.

    Leave a comment:


  • nemanjas
    started a topic XSS flaw on vb3.8.2?

    XSS flaw on vb3.8.2?

    My owned license is expired so i cannot upgrade to to 3.8.4.

    How do i patch my vb, as there is no package for 3.8.2? Apart from paying renewal, of course.

Related Topics

Collapse

Working...
X