08-12-2016, 03:09 AM
|
#1 (permalink)
|
|
Master EcoModder
Join Date: Aug 2012
Location: northwest of normal
Posts: 27,704
Thanks: 7,778
Thanked 8,586 Times in 7,070 Posts
|
The Reg — Patch your vBulletin forum – or get popped
Patch your vBulletin forum
Quote:
|
The patches address a pre-authentication server-side request forgery vulnerability (CVE-2016-6483) in vBulletin 3.8.9, 3.8.10 beta, 4.2.3, 4.2.4 beta, and 5.2.3. Attackers can exploit the bug to get access to services such as email, the memory cache, and other services.
|
3.8.7 isn't on that list, but it's absence doesn't inspire confidence.
|
|
|
|