Security Patch for XOOPS 2.5.6

Mamba  24-Sep-2013 19:37 8762 Reads   11 Comment(s) 
As always, security is on top of priority list of XOOPS!

Current users of XOOPS 2.5.6 are encouraged to download and apply a Security Patch.

Download: SourceForge File Repository

This security patch fixes some potential XSS issues discovered by Mehdi Dadkhah and fixed by Richard Griffith.

While 2.5.6 Websites that have currently installed Protector are safe from this XSS vulnerability, we recommend strongly to apply this patch to ALL XOOPS 2.5.6 Websites.

It is not enough to stress that you should ALWAYS have Protector installed!!!

How to Apply the Patch:
You will need as minimum PHP 5.3.7

Just copy ALL the files from /htdocs folder in this Zip file to your XOOPS Website.
No other action is needed.

For users of XOOPS Versions older than 2.5.6

Please update AS SOON AS POSSIBLE to XOOPS 2.5.6. As always, the current versions are always the most stable and safest, i.e. older versions might be open to vulnerabilities that has been already fixed in the current version.

As of today, all XOOPS 2.5.6 versions available for download have been all patched.

Wishing everybody Happy and Safe Xoopsing!

XOOPS Core Team

Rating 0/5
Rating: 0/5 (0 votes)
Voting is disabled!


Who's Online

235 user(s) are online (2 user(s) are browsing Publisher)

Members: 0

Guests: 235



Goal: $100.00
Due Date: Feb 29
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits