XOOPS Team is pleased to announce the release of XOOPS 2.0.7.3. It includes a fix for a security bug that allowed hijacking of session variables in a certain circumstance, even with 2.0.7.2. It is strongly recommended that all users using any of the previous versions of XOOPS including 2.0.7.2 upgrade to this latest version.
Changes =============================== !! SECURITY FIX !! fixed more bugs that allowed session hijacking under a certain circumstance (Onokazu)