vBulletin 'faq.php' Information Disclosure Vulnerability

Summary
vBulletin is prone to an information-disclosure vulnerability. Successful exploits can allow attackers to obtain potentially sensitive information which may aid in other attacks. vBulletin 3.8.6 is affected prior versions may also be vulnerable.
Solution
The vendor has released a patch to address this issue. Please see the references for more information.
References