Описание
vBulletin 3.8.7 is vulnerable to a denial-of-service condition via the misc.php?do=buddylist endpoint. If an authenticated user has a sufficiently large buddy list, processing the list can consume excessive memory, exhausting system resources and crashing the forum.
Ссылки
- Product
- ExploitMitigationThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:vbulletin:vbulletin:3.8.7:*:*:*:*:*:*:*
EPSS
Процентиль: 21%
0.00066
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-400
Связанные уязвимости
CVSS3: 5.4
github
7 месяцев назад
vBulletin 3.8.7 is vulnerable to a denial-of-service condition via the misc.php?do=buddylist endpoint. If an authenticated user has a sufficiently large buddy list, processing the list can consume excessive memory, exhausting system resources and crashing the forum.
EPSS
Процентиль: 21%
0.00066
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-400