XenForo 1.3.7 Released (Security Fix)

Currently reading:
XenForo 1.3.7 Released (Security Fix)

XenForo RSS Feed

Staff member
May 20, 2015
Today, we are releasing XenForo 1.3.7 to address two potential security vulnerabilities. We recommend that all customers running XenForo 1.3 upgrade to 1.3.7 or use the attached patch file as soon as possible.

The two issues are XSS vulnerabilities. XSS (Cross Site Scripting) issues allow scripts and malicious HTML to be injected into the page, potentially allowing data theft or unauthenticated access.
  • In the notices system, the name token was not escaped as expected. This could...

XenForo 1.3.7 Released (Security Fix)

Continue reading...

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Welcome to customizeXF

We are running default XenForo style customized by cXF
Registration is free!

Search forums

Similar threads

Sticky sidebar

You'd like to have sticky sidebar on your forum? Click below.