vBulletin 3.6.3 Released

An undocumented behavior in all Windows versions of Internet Explorer has rendered vBulletin vulnerable to a potential cross-site scripting flaw (XSS). Therefore, we have decided to put out a preventative security release in order to work-around the Internet Explorer problem before it is exploited.

3.6.3 also includes fixes for approximately 50 bugs that were discovered in 3.6.2. For this reason, we recommend all customers upgrade to 3.6.3 as soon as possible. If this is not possible and you are currently running 3.6.2, you may use the patch method discussed here.

http://www.vbulletin.com/forum/showthread.php?t=207860