vBulletin 5.x through 5.1.6 Authorization Bypass and Private Message Injection Vulnerability

vBulletin 5.x through 5.1.6 Authorization Bypass and Private Message Injection Vulnerability

CVE-2015-3419 · MEDIUM Severity

AV:N/AC:L/AU:S/C:N/I:P/A:N

vBulletin 5.x through 5.1.6 allows remote authenticated users to bypass authorization checks and inject private messages into conversations via vectors related to an input validation failure.

Learn more about our User Device Pen Test.