Affected Version(s): All versions from v3.0.0 to v3.3.0 (current) of vBSecurity for vBulletin 3 / vBulletin 4. XenForo products are not affected.
Details: A vulnerability has been discovered in the "Login Sessions" feature in vBSecurity for vBulletin 3 / vBulletin 4.
If an attacker is able to gain access to your forum's database, it would be possible for them to inject malicious code that can be used to spread malware, steal session data and many other things.
If an attacker is not able to gain access to your forum's database, the scope of this vulnerability would be limited to the attacker's own account, rendering the vulnerability effectively null.
For this reason, the vulnerability has been rated Low, as it is unlikely this vulnerability would be the primary attack vector should an attacker gain access to the database.
Priority: Low
Fix: v3.3.0 has been patched for all current customers. If your license has expired, please follow the manual patch instructions below.
Manual patch instructions: In the file
Credit: This vulnerability was discovered by Laurent Vetter - l4rm4nd @ GitHub
Details: A vulnerability has been discovered in the "Login Sessions" feature in vBSecurity for vBulletin 3 / vBulletin 4.
If an attacker is able to gain access to your forum's database, it would be possible for them to inject malicious code that can be used to spread malware, steal session data and many other things.
If an attacker is not able to gain access to your forum's database, the scope of this vulnerability would be limited to the attacker's own account, rendering the vulnerability effectively null.
For this reason, the vulnerability has been rated Low, as it is unlikely this vulnerability would be the primary attack vector should an attacker gain access to the database.
Priority: Low
Fix: v3.3.0 has been patched for all current customers. If your license has expired, please follow the manual patch instructions below.
Manual patch instructions: In the file
/library/DBTech/Security/Action/Sessions.php
on line 50, replace the line with
Code:
'userAgent' => '<b>' . htmlspecialchars_uni($session['user_agent']) . '</b>',
Credit: This vulnerability was discovered by Laurent Vetter - l4rm4nd @ GitHub