HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.

Security vulnerability: Flagging plugin (2.0.18.2 and earlier)

LincLinc Detroit Admin
edited March 2012 in Releases

There is an XSS vulnerability in Vanilla, version 2.0.18.2 and earlier. This only effects the Flagging plugin. Anyone using the Flagging plugin should immediately upgrade to 2.0.18.3 or make this change: Fix for Flagging XSS.

2.0.18.3 is now available.

merfedUnderDogaerykkshisan

Comments

Sign In or Register to comment.