Forum² Admin AWS Posted April 24, 2014 Forum² Admin Posted April 24, 2014 We are releasing patches for IP.Board 3.3.x, IP.Board 3.4.x and IP.Nexus 1.5.x to address three potential file inclusion issues recently reported to us, as well as one cross site scripting issue reported to us. It has been brought to our attention that certain PHP configurations allow for a potential file inclusion security issue through some of our files intended to be run from the command line. We are releasing patches today to resolve this issue. Additionally, it has been brought to our attention that through social engineering it is possible to direct a user to a page which can trigger an XSS (cross site scripting) attach. We are also releasing a patch today to resolve this issue. To apply the patch Simply download the attached zip for your IP.Board version and upload the files to your forum server. You do not need to run any scripts or the upgrade system. The attached zip files also include the patch for IP.Nexus, if you are using IP.Nexus. IP.Board 3.3.x http://community.invisionpower.com/index.php?app=core&module=attach§ion=attach&attach_id=57092" http://community.invisionpower.com/filestore/public/style_extra/mime_types/zip.gif" alt="Attached File" /> ;http://community.invisionpower.com/index.php?app=core&module=attach§ion=attach&attach_id=57092" 3.3.x.zip ; ;28.75KB ; ;http://community.invisionpower.com/filestore/public/style_extra/mime_types/zip.gif" alt="Attached File" /> ;http://community.invisionpower.com/index.php?app=core&module=attach§ion=attach&attach_id=57093" 3.4.x.zip ; ;31.31KB ; ; Quote IPB Webmaster - For Invision Community Enthusiasts - SEO Help Forum
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.