vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   Official vB.com Announcements (https://vborg.vbsupport.ru/forumdisplay.php?f=240)
-   -   Security Patch Released for vBulletin 5.1.4 - 5.1.6 (https://vborg.vbsupport.ru/showthread.php?t=318753)

vB.Org System 05-21-2015 07:58 PM
Security Patch Released for vBulletin 5.1.4 - 5.1.6
 
A security issue has been discovered by the vBulletin team. This issue affects photo descriptions and could allow Cross Site Scripting. We have released security patches for the versions vBulletin 5.1.4 through 5.1.6 to close this vulnerability. It is recommended that all users apply the patch as soon as possible. If you're using a version of vBulletin 5 older than 5.1.4, it is recommended that you upgrade to the latest version as soon as possible.

In addition to the fixes in this patch, an upgrade step is being added to vBulletin 5.1.7 that will verify all previous images and make sure their descriptions are secure.

You can download the patch for your version here: http://members.vbulletin.com/patches.php

To install the patch:
1) Download the appropriate files for your version of vBulletin 5
2) Upload all files found within the zip file. Make sure to overwrite the existing files on your server.
3) Run install/upgrade.php in your browser.
4) Delete the /core/install folder.

If you're using a version prior to 5.1.4, then you should upgrade to that version following standard upgrade procedures. After upgrading, run the fix script which will be found in your /do_not_upgrade folder. Upload this to /core/install and run from your web browser.

This fix has already been applied to vBulletin Connect 5.1.7 and vBulletin Cloud.


All times are GMT. The time now is 06:53 AM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01003 seconds
  • Memory Usage 1,709KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (1)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete