Forum² Admin AWS Posted February 20, 2012 Forum² Admin Posted February 20, 2012 It has come to our attention that a XSS (Cross Site Scripting) attack is possible within the Admin CP. The javascript is only executed when viewing the detailed pop-up of a specific failed admin log in. This issue exists in all IP.Board 3 versions. We recommend that everyone using these versions apply this simple one file patch. Simply download the zip for your IP.Board version, expand the zip on your computer and upload the file to the relevant folder on your server. The directory structure is maintained in the zip so you will have no issues finding the file. If you need assistance, please contact technical support. IP.Board 3.2.x http://community.invisionpower.com/index.php?app=core&module=attach§ion=attach&attach_id=37379" http://community.invisionpower.com/public/style_extra/mime_types/zip.gif" alt="Attached File" /> ;http://community.invisionpower.com/index.php?app=core&module=attach§ion=attach&attach_id=37379" feb_3_2_x.zip ; ;2.72K ; ;http://community.invisionpower.com/public/style_extra/mime_types/zip.gif" alt="Attached File" /> ;http://community.invisionpower.com/index.php?app=core&module=attach§ion=attach&attach_id=37378" feb-3_1_x.zip ; ;2.76K ; ;http://community.invisionpower.com/public/style_extra/mime_types/zip.gif" alt="Attached File" /> ;http://community.invisionpower.com/index.php?app=core&module=attach§ion=attach&attach_id=37377" feb-3_0_x.zip ; ;2.76K ; ; Quote IPB Webmaster - For Invision Community Enthusiasts - SEO Help Forum
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.