Announcement

Collapse
No announcement yet.

Security Exploit fixed in vBulletin 4.2.2 and 4.2.3.

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Security Exploit fixed in vBulletin 4.2.2 and 4.2.3.

    A security issue has been reported to us that affects vBulletin 4. We have released new builds of vBulletin 4.2.2 and 4.2.3 to account for this vulnerability. The issue may allow attackers to access sensitive data via the mobile API. It is recommended that all users update as soon as possible. If you're using a version of vBulletin 4 older than 4.2.2, it is recommended that you upgrade to that version as soon as possible.

    You can download the build for your version here: http://members.vbulletin.com/

    Special thanks to NytroRST for reporting this issue.

    To install the new build, download your version of vBulletin 4 (4.2.2 or 4.2.3) then upload all files found within the zip file except the /install/ directory. Make sure to overwrite the existing files on your server.

    If you're using a version prior to 4.2.2, then you should follow standard upgrade procedures.

    Builds available:
    vBulletin 4.2.2 Patch Level 2
    vBulletin 4.2.3 Beta 3
    Translations provided by Google.

    Wayne Luke
    The Rabid Badger - a vBulletin Cloud demonstration site.
    vBulletin 5 API - Full / Mobile
    Vote for your favorite feature requests and the bugs you want to see fixed.
widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
Working...
X