Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

RE: vBulletin XSS Security Bug
From: "Alex Yu" <yua () yudesigns com>
Date: Mon, 21 Oct 2002 13:42:21 -0400
.:: vBulletin XSS Security Bug

+ Solution:

    - Forum administrator can add some codes that will check 
the referred 
URL and filter its inputs or upgrade to vBulletin 3.0.


Incorrect information.  vBulletin 3.0 is still in beta and is not
available for download.  vBulletin team has posted a fix and will
include this patch in the upcoming 2.2.9 release.

To download the bug fix, please go to this URL:

http://www.vbulletin.com/forum/showthread.php?threadid=57203

As far as I know, vBulletin was not informed about this security bug
before the exploit went public.

BTW, I do not work for vBulletin.

Best,
Alex

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]