Vulnerability Description
Unspecified vulnerability in the update check in Vanilla Forums before 2.0.18.8 has unspecified impact and remote attack vectors, related to "object injection."
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Vanillaforums | Vanilla | <= 2.0.18.7 |
References
- http://vanillaforums.org/discussion/23339/security-update-vanilla-2-0-18-7Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/84167
- https://github.com/vanillaforums/Garden/commit/b9a10dabb15c697347bfa7baef69a6e21ExploitPatch
- http://vanillaforums.org/discussion/23339/security-update-vanilla-2-0-18-7Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/84167
- https://github.com/vanillaforums/Garden/commit/b9a10dabb15c697347bfa7baef69a6e21ExploitPatch
FAQ
What is CVE-2013-3528?
CVE-2013-3528 is a vulnerability with a CVSS score of 7.5 (HIGH). Unspecified vulnerability in the update check in Vanilla Forums before 2.0.18.8 has unspecified impact and remote attack vectors, related to "object injection."
How severe is CVE-2013-3528?
CVE-2013-3528 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-3528?
Check the references section above for vendor advisories and patch information. Affected products include: Vanillaforums Vanilla.