Bugtraq mailing list archives
RE: vBulletin XSS Security Bug
From: "Alex Yu" <yua () yudesigns com>
Date: Mon, 21 Oct 2002 13:42:21 -0400
.:: vBulletin XSS Security Bug + Solution: - Forum administrator can add some codes that will check the referred URL and filter its inputs or upgrade to vBulletin 3.0.
Incorrect information. vBulletin 3.0 is still in beta and is not available for download. vBulletin team has posted a fix and will include this patch in the upcoming 2.2.9 release. To download the bug fix, please go to this URL: http://www.vbulletin.com/forum/showthread.php?threadid=57203 As far as I know, vBulletin was not informed about this security bug before the exploit went public. BTW, I do not work for vBulletin. Best, Alex
Current thread:
- vBulletin XSS Security Bug Sp . IC (Oct 18)
- RE: vBulletin XSS Security Bug Alex Yu (Oct 21)