LinkBack URL
About LinkBacksRegarding this reported exploit: http://inj3ct0r.com/exploits/9697
An official patch is forthcoming. Meanwhile I have attached a patched type.php file to this message. Unzip that file and upload it, replacing the existing ../vb/search/type.php file
Note: This is for those running 4.0.2 PL1 only.
If for some reason you want to apply this patch yourself, find the following file:
../vb/search/type.php
In that type.php file, find this near the bottom of the file:
'query' => TYPE_STR,
Replace that with this:
'query' => TYPE_NOHTML,
Please note that if you have already applied Paul M's path here, then you do not have to apply this patch.
Attached Files
More...
Results 1 to 1 of 1
Reported 4.0.2 PL1 XSS Vunerability
This is a discussion on Reported 4.0.2 PL1 XSS Vunerability within the vBulletin.com Announcements forums, part of the Announcements & Pre-Sales category; Regarding this reported exploit: http://inj3ct0r.com/exploits/9697 An official patch is forthcoming. Meanwhile I have attached a patched type.php file to this ...
-
03-21-2010 02:20 PM #1vBSEO Moderator
- Join Date
- Oct 2009
- Posts
- 445
- Liked
- 6 times
Reported 4.0.2 PL1 XSS Vunerability
Reply With Quote