Security bug announced, xhelp 0.71 released

Date 2005/3/30 18:30:28 | Topic: Modules

In response to a security bug discovered by Brian Erdelyi @ SecurityHive.com that allowed users to view other users tickets, we have released xhelp 0.71 to address this issue. In addition we included a couple bug fixes for xhelp 0.7. All users are recommended to upgrade to the latest package.

Changes in 0.71:
1. Fixed email activation link not being sent to new users (eric_juden)
2. Fixed uploading files with undefined mimetypes bug (eric_juden)
3. Fixed bug for ticket subject length being too short in edit ticket (eric_juden)
4. Fixed bug for fatal error while in staff profiles (eric_juden)
5. Security!!! Fixed bug for users being allowed to look at other user's tickets (eric_juden)




This article comes from XOOPS Web Application System
https://xoops.org

The URL for this story is:
https://xoops.org/modules/news/article.php?storyid=2165