Hey. I just borrow my son's account to ask about security issue.

Our webhost - Domeneshop.no in Norway - believe that we have a security problem on the forum. When we asked what the problem is, we have received the following information about the cause of the alleged vulnerability:

CKEditor 3.6.2 ./www/clientscript/ckeditor/
vBulletin 4.2.0 ./www/

.... without other comments.

We are running vBulletin 4.2.0 Patch Level 3

What's going on?. If there is a security issue as our web host said - we have not heard about it, even from other vBulletin forums, we work with.

Is it a security problem with CKEditor 3.6.2 as our web host says, and if so, how to solve this?

I've only heard of this particular problem in Drupal, Jomla etc. but not in vBulletin. I'm really lost.

Thank you in advance for answers

It is an issue with vbulletin. vbulltin uses an older version of ckeditor. There is a bug report open about the issues here. It's been open for about 6 months now, but it doesn't appear that vbulletin is planning on fixing it ATM. Your best bet is to switch hosts.

http://tracker.vbulletin.com/browse/VBIV-13267

It is an issue with vbulletin. vbulltin uses an older version of ckeditor. There is a bug report open about the issues here. It's been open for about 6 months now, but it doesn't appear that vbulletin is planning on fixing it ATM. Your best bet is to switch hosts.

http://tracker.vbulletin.com/browse/VBIV-13267
How is that a security vulnerability issue? ...that's more of a quality issue. I would switch providers that providers security team has a few rocks loose.