zippokid
Mon 16th Mar '09, 6:52pm
I recently noticed a message in my usercp that statd
An XSS flaw within the editor controls has recently been discovered. This could allow an attacker to carry out an action as a user or obtain access to a user's account. To resolve this issue, it has been necessary to release a patch level version of the active versions of vBulletin.
As with all security-based releases, we recommend that all customers upgrade as soon as possible in order to prevent any potential damage resulting from the flaw being exploited.
I went to http://members.vbulletin.com/patches.php
and downloaded the files. I am running vBulletin® v3.6.8 Patch Level 2
Am I to understand that all I needed to do was upload those three files? Or is it necessary to do more in order to protect my forum? Thanks.
An XSS flaw within the editor controls has recently been discovered. This could allow an attacker to carry out an action as a user or obtain access to a user's account. To resolve this issue, it has been necessary to release a patch level version of the active versions of vBulletin.
As with all security-based releases, we recommend that all customers upgrade as soon as possible in order to prevent any potential damage resulting from the flaw being exploited.
I went to http://members.vbulletin.com/patches.php
and downloaded the files. I am running vBulletin® v3.6.8 Patch Level 2
Am I to understand that all I needed to do was upload those three files? Or is it necessary to do more in order to protect my forum? Thanks.