CVE-2020-17496

⚠ KEVEPSS 94.2%

vBulletin PHP Module Remote Code Execution Vulnerability

Added to CISA KEV: 11/3/2021

Description

The PHP module within vBulletin contains an unspecified vulnerability that allows for remote code execution via crafted subWidgets data in an ajax/render/widget_tabbedcontainer_tab_panel request. This CVE ID resolves an incomplete patch for CVE-2019-16759.

Affected packages (0)

No package mapping in OSV.