[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Fri, 24 Apr 2015 17:43:20 -0300
From: Patrick William <pat@...k911labs.com>
To: oss-security@...ts.openwall.com
Subject: CVE Request: vBulletin 5 - Private Messages Input Validation Failure
Hi,
I need to request a CVE for vBulletin 5.
Reason:
Due to an input validation failure, it is possible for a malicious user
to inject messages into existing conversations without authorization.
Reference:
http://www.vbulletin.com/forum/forum/vbulletin-announcements/vbulletin-announcements_aa/4319488-security-patch-released-for-vbulletin-5-1-4-5-1-6-and-vbulletin-cloud
Patrick
--
RACK911 Labs
1110 Palms Airport Drive
Suite 110
Las Vegas, NV 89119
http://www.RACK911Labs.com
Software Security Auditing
Follow us @ http://twitter.com/RACK911Labs
Powered by blists - more mailing lists
Please check out the
Open Source Software Security Wiki, which is counterpart to this
mailing list.
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
