vBulletin 3.8.4 PL1 - No Template Changes

[Miko]

Jelsoft has just released a new version of vBulletin to address a XSS flaw in the user profile page.

No template changes are required.

All of our skins are 100% compatible with this new version of vBulletin.

Quote:

An XSS flaw within the user profile page has recently been discovered. This could allow an attacker to carry out an action as a user or obtain access to a user's account. To resolve this issue, it has been necessary to release a patch level version of the active versions of vBulletin.

The upgrade process is the same as previous patch level releases - simply download the patch from the Members Area, extract the files and upload to your webserver, overwriting the existing files. There is no upgrade script required.

As with all security-based releases, we recommend that all customers upgrade as soon as possible in order to prevent any potential damage resulting from the flaw being exploited.

You can read more here: http://www.vbulletin.com/forum/showthread.php?t=319572


On a side note, just letting you know that I'm hoping to get vB Styles approved to beta test vBulletin 4, so that I can start development of all of our skins... can't wait.
I have postponed the release of any new skins till vBulletin 4 is available.

I have a new programmer working on the site so that we will soon have a properly working help desk and a upgraded shop.