XenForo 1.2.8 Released (Security Fix)

Messages
157
Likes
6
#1
Today, we are releasing XenForo 1.2.8 to address two potential security vulnerabilities. We recommend that all customers running XenForo 1.2 or earlier upgrade to 1.2.8 or use the attached patch file as soon as possible.

The two issues are XSS vulnerabilities. XSS (Cross Site Scripting) issues allow scripts and malicious HTML to be injected into the page, potentially allowing data theft or unauthenticated access.
  • In the notices system, the name token was not escaped as expected....

XenForo 1.2.8 Released (Security Fix)

Continue reading...
 

You must log in or register to reply here.

Forgot your password?
Don't have an account? Register now

Welcome to customizeXF

We are running default XenForo style customized by cXF
Registration is free!

Similar threads

Top