Announcements XenForo 1.4.13 Released (Security Fix)

Currently reading:
Announcements XenForo 1.4.13 Released (Security Fix)

During internal testing, we discovered a security issue within XenForo. The issue is known as a server-side request forgery (SSRF). This could allow an attacker to use your server to bypass your server's firewall and make internal requests. Depending on the services found, this could lead to privilege escalation or remote code execution.

This is a potentially serious issue and we strongly recommend all customers running XenForo 1.4 or older follow one of the below methods to fix this...

XenForo 1.4.13 Released (Security Fix)

Continue reading...

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Welcome to customizeXF

We are running default XenForo style customized by cXF
Registration is free!

Search forums