No announcement yet.

Security Patch released for vBulletin 5.1.4 - 5.1.6 and vBulletin Cloud.

  • Filter
  • Time
  • Show
Clear All
new posts

  • Security Patch released for vBulletin 5.1.4 - 5.1.6 and vBulletin Cloud.

    A security issue has been reported to us. This issue affects Private Messages in vBulletin 5. We have released security patches for the versions vBulletin 5.1.4 through 5.1.6 to account for this vulnerability. It is recommended that all users update as soon as possible. If you're using a version of vBulletin 5 older than 5.1.4, it is recommended that you upgrade to the latest version as soon as possible.

    You can download the patch for your version here:

    To install the patch download the appropriate files for your version of vBulletin 5 then upload all files found within the zip file. Make sure to overwrite the existing files on your server.

    If you're using a version prior to 5.1.4, then you should upgrade to that version following standard upgrade procedures.

    A special thanks goes out to for alerting us to this issue and providing a proof of concept that helped resolve the issue.

    vBulletin Connect 5.1.7 will have this fix applied in beta 2.

    vBulletin Cloud Sites have already had this patch applied.
    Translations provided by Google.

    Wayne Luke
    The Rabid Badger - a vBulletin Cloud demonstration site.
    vBulletin 5 API
widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.