« vBulletin 3.7.1 Released
New vBulletin XSS Flaw Fix: vBulletin 3.7.1 PL2 and 3.6.10 PL2 »

vBulletin XSS Flaw Fixed: 3.7.1 PL1 and 3.6.10 PL1

Posted on June 9th, 2008 by Gabriel Harper

Jelsoft has just announced a security update for vBulletin forum software that resolves a cross-site scripting (XSS) error. These are patch level fixes for the existing vBulletin 3.7.1 and 3.6.10 versions that focus on the XSS flaw.

According to the Jelsoft announcement:

…it is difficult to exploit the XSS flaw, and the potential for exposure and damage is limited…

However, the implications of the flaw are not entirely clear in the announcement. Has anybody out there had problems with this cross-site scripting error?

This entry was posted on Monday, June 9th, 2008 at 8:09 am and is filed under Servers & Security, Software & Scripts. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

One Response to “vBulletin XSS Flaw Fixed: 3.7.1 PL1 and 3.6.10 PL1”

  1. NEW VBULLETIN XSS FLAW FIX: VBULLETIN 3.7.1 PL2 AND 3.6.10 PL2 Says:
    June 18th, 2008 at 10:10 am

    [...] Gabriel Harper’s Blog Business, Web Sites and Life « vBulletin XSS Flaw Fixed: 3.7.1 PL1 and 3.6.10 PL1 [...]

Leave a Reply


Intavant          Servermind

©2020 Gabriel Harper. Do not use, copy or re-publish any part of this blog.