« vBulletin 3.7.1 Released
New vBulletin XSS Flaw Fix: vBulletin 3.7.1 PL2 and 3.6.10 PL2 »

vBulletin XSS Flaw Fixed: 3.7.1 PL1 and 3.6.10 PL1

Posted on June 9th, 2008 by Gabriel Harper

Jelsoft has just announced a security update for vBulletin forum software that resolves a cross-site scripting (XSS) error. These are patch level fixes for the existing vBulletin 3.7.1 and 3.6.10 versions that focus on the XSS flaw.

According to the Jelsoft announcement:

…it is difficult to exploit the XSS flaw, and the potential for exposure and damage is limited…

However, the implications of the flaw are not entirely clear in the announcement. Has anybody out there had problems with this cross-site scripting error?

Tags:

This entry was posted on Monday, June 9th, 2008 at 8:09 am and is filed under Servers & Security, Software & Scripts. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply