oss-sec mailing list archives
CVE Request: vBulletin 5 - Private Messages Input Validation Failure
From: Patrick William <pat () rack911labs com>
Date: Fri, 24 Apr 2015 17:43:20 -0300
Hi, I need to request a CVE for vBulletin 5. Reason:Due to an input validation failure, it is possible for a malicious user to inject messages into existing conversations without authorization.
Reference: http://www.vbulletin.com/forum/forum/vbulletin-announcements/vbulletin-announcements_aa/4319488-security-patch-released-for-vbulletin-5-1-4-5-1-6-and-vbulletin-cloud Patrick -- RACK911 Labs 1110 Palms Airport Drive Suite 110 Las Vegas, NV 89119 http://www.RACK911Labs.com Software Security Auditing Follow us @ http://twitter.com/RACK911Labs
Current thread:
- CVE Request: vBulletin 5 - Private Messages Input Validation Failure Patrick William (Apr 24)
- Re: CVE Request: vBulletin 5 - Private Messages Input Validation Failure cve-assign (Apr 24)