First published: Fri Oct 04 2019(Updated: )
vBulletin through 5.5.4 mishandles external URLs within the /core/vb/vurl.php file and the /core/vb/vurl directories.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
vBulletin vBulletin | <=5.5.4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this vulnerability is CVE-2019-17130.
The severity of CVE-2019-17130 is medium, with a severity value of 6.5.
vBulletin is a commercial Internet forum software package.
vBulletin versions up to and including 5.5.4 are affected.
CVE-2019-17130 allows for the mishandling of external URLs within certain vBulletin files and directories.