A security researcher has publicly disclosed two critical zero-day vulnerabilities in Vanilla Forums, an open source software that powers discussion on over 500,000 websites, which could allow unauthenticated, remote attackers to fully compromise targeted websites easily. Discovered by Polish security researcher Dawid Golunski of Legal Hackers, two separate unpatched vulnerabilities, a remote
Read Here»
Post a Comment Blogger Facebook
thesheenblog
247968918688317
We welcome comments that add value to the discussion. We attempt to block comments that use offensive language or appear to be spam, and our editors frequently review the comments to ensure they are appropriate. As the comments are written and submitted by visitors of The Sheen Blog, they in no way represent the opinion of The Sheen Blog. Let's work together to keep the conversation civil.
Subscribe to:
Post Comments (Atom)
This has been patched. Please read: https://open.vanillaforums.com/discussion/33498/critical-security-release-vanilla-2-3-1
ReplyDeleteAlso to be clear, this impacted only open source, and none of our hosted customers were impacted