Today, we are releasing XenForo 2.0.8 to address a potential security vulnerability. We recommend that all customers running XenForo 2.0 upgrade to 2.0.8 or use the attached patch file as soon as possible.
The issue is a XSS vulnerability. XSS (Cross Site Scripting) issues allow scripts and malicious HTML to be injected into the page, potentially allowing data theft or unauthenticated access.
Specifically, the issue relates to specially crafted text entered into messages and output using...
XenForo 2.0.8 Released (Security Fix)
Continue reading...
The issue is a XSS vulnerability. XSS (Cross Site Scripting) issues allow scripts and malicious HTML to be injected into the page, potentially allowing data theft or unauthenticated access.
Specifically, the issue relates to specially crafted text entered into messages and output using...
XenForo 2.0.8 Released (Security Fix)
Continue reading...