PDA

View Full Version : vBulletin 4.0.2 Patch Level 1 Released


vB.Org System
02-23-2010, 01:00 AM
An XSS exploit has been discovered in 4.0.1 and 4.0.2. We strongly recommend that anyone running these versions immediately patch their systems.

If you are running 4.0.2 already, simply download the latest Security patch: 4.0.2 Suite PL1 from the Members Area (http://members.vbulletin.com/patches.php), extract the 5 patch files, then upload these files making sure to overwriting the existing files. This will update your version to the latest patch release. The patch files are:

includes/class_core.php
includes/functions_forumdisplay.php
includes/functions.php
includes/version_vbulletin.php
vb/legacy/thread.php

If you are running 4.0.1, you will need to do a full upgrade to 4.0.2 PL1 (available in the Members Area.) Just downed the latest release and upgrade normally.


More... (http://www.vbulletin.com/forum/showthread.php?342962-vBulletin-4.0.2-Patch-Level-1-Released&goto=newpost)