Jump to content

Ipb 2.1.7 Security Update - Medium Priority

TCH-JimE

By TCH-JimE
in Software/Scripts/Other Alerts

 Share

Recommended Posts

TCH-JimE Grand Master

TCH-JimE

Posted
Posted

It has come to our attention that due to the way some browsers interpret image tags a vulnerability exists which allows a malicious user to perform an XSS attack by forcing an "onerror" event in the snapback tag.

 

To update your board, simply download the attached ZIP file, unarchive it and upload 'sources/classes/bbcode/class_bbcode_core.php' over the one on your server. If you wish to patch your board manually, please read the second post in this announcement.

 

The main download has been updated as of the time of this announcement.

 

Note: IPB 2.2.0 (all versions) are NOT affected by this vulnerability.

 

You can find more here (scroll down!)

 

JimE

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...