Advertise Here | Advertise Here | Advertise Here | Advertise Here
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
  2. Attention buyers: Please take the time to read THIS
    Dismiss Notice
  3. I have imposed a new requirement today limiting who can start and receive private conversations. This is in an effort to thwart scammers who have a zero post count but private message others offering to sell their licenses. The restriction is not strict, a user must post at least one (1) post in the forum before being allowed to start and/or receive private conversations. Read Forum Post
    Dismiss Notice
  4. Dismiss Notice
Dismiss Notice
Introducing the new Classifieds Section

Please see HERE for more info.

Official XenForo 1.3.10 Released (Security Fix)

Discussion in 'XenForo' started by EL Paper Boy, Dec 14, 2015.

  1. EL Paper Boy

    EL Paper Boy Member

    Local Time:
    6:07 AM
    During routine internal testing, we discovered a security issue within XenForo 1.3 and newer. The issue allows a cross site scripting (XSS) attack to potentially be triggered via a specially crafted profile post. XSS issues may allow an attacker to steal data (including cookies) or force a user to take actions without their consent or knowledge (possibly including administrative actions).

    We strongly recommend all XenForo customers follow one of the steps below to resolve this issue....

    XenForo 1.3.10 Released (Security Fix)

    Continue reading...
     

Share This Page