XOOPS 
Forum
Forum Index General Forums Community Support Modules Support Themes Support Development International Support Module Hack Reviews Theme Designer Talk
  1. Board index / 
  2. Xoops Development / 
  3. Xoops Bug Reports 
  4.  / XOOPS 2.5.7 Security issues reported by Narendra Bhati (incl. in 2.5.7.1 Patch)
Register
1
Mamba
XOOPS 2.5.7 Security issues reported by Narendra Bhati (incl. in 2.5.7.1 Patch)

  • 2014/12/23 15:42

  • Mamba

  • Moderator

  • Posts: 11409

  • Since: 2004/4/23


We wanted to thank Narendra Bhati, who notified us about security issues in 2.5.7 (see this article about the 2.5.7.1 Security Patch).

Now that hopefully everybody updated their XOOPS installations, we wanted to list the issues reported by Narendra separately so he can submit it and get the appropriate credit:

1. Reflected XSS
2. Stored XSS
3. NO HTTP ONLY FLAG
4. Issue of improper work of Protector
5. Clickjacking

It is thanks to people like Narendra that XOOPS is improving and getting better, and we very much appreciate these contributions, as they show power of Open Source!

If you haven't yet updated your XOOPS installation, please do it ASAP!!!
Support XOOPS => DONATE
Use 2.5.11 | Docs | Modules | Bugs

Login

Register now!  |  Lost Password?

Search

Advanced Search

Recent Posts

Who's Online

260 user(s) are online (62 user(s) are browsing Support Forums)

Members: 0

Guests: 260

more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Dec 31
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits