IPBSupport News 8 Report post Posted September 7, 2010 A security issue has been discovered in IP.Board 3.1.x that could potentially allow a malicious user to insert Javascript or other code into your community. The damage this sort of attack can do is drastically mitigated by IP.Board's use of HTTP-only cookies and other security measures. As part of our continued dedication to security enhancement, we are releasing a simple patch for IP.Board 3.1.2 to address this issue. If you are running IP.Board versions less than 3.1.2 simply upgrade your software version. Download Patch Simply upload the attached file to: admin/sources/classes/bbcode/custom/defaults.php 312_sept_patch.zip (21.62K) : 171 The main download zip has been updated at the time of this post. Quelle: http://community.invisionpower.com/topic/320838-ipboard-31x-security-patch-released/ Share this post Link to post
