IPBSupport News 8 Report post Posted March 9, 2012 It has come to our attention that a XSS (Cross Site Scripting) attack is possible under specific circumstances when editing a post another member has made. This issue only exists in IP.Board 3.2.0, 3.2.1, 3.2.2 and 3.2.3. We recommend that everyone using these versions apply this simple two file patch. Simply download the zip, expand it on your computer and upload the files to the relevant folders on your server. The directory structure is maintained in the zip so you will have no issues finding the files. If you need assistance, please contact technical support. march-editor-patch_3_2.zip 25.21K 28 downloads Note: The main download zip has been updated . Quelle: http://community.invisionpower.com/topic/358403-ipboard-32x-security-update/ Share this post Link to post
