ACP News: YUI Security Issue found in uploader.swf
- This topic is empty.
- You must be logged in to reply to this topic.
The vulnerable file is also present in the vBulletin 5 download package though not used by the vBulletin 5 front-end. We recommend that you delete the file and replace it with the attached file.
We have also updated all download packages for vBulletin 4.X and 5.X with the new empty file.
To resolve this issue take the following steps:
Note: We will not be fixing the vulnerability in the SWF file directly nor do we plan to take any other action on this issue at this time.
Please consider making a donation using the means of your choice. Our station relies heavily on listener contributions to survive. As such your support is greatly appreciated.
Having made a donation, feel free to tell us about it here... Thank you!