An XSS vulnerability in XOOPS 2.2* was reported by Omer Singer from The Digi Trust Group, LLC.
All XOOPS 2.2* users are urged to apply the attached patch.
Implementation Guide:
Step 1: uncompress the package
Step 2: upload the /html/class/xoopsform/form.php file to your XOOPSROOT/class/xoopsform/
Note:
1 XOOPS 2.2.6 RC is released at the same time with a more comprehensive solution. Do NOT apply this patch if you use 2.2.6 RC package instead.
2 XOOPS 2.0* sites are not affected directly, however the relevant improvements have been available in XOOPS 2.0.18 RC.
Download: xoops-2.2.5-security.tar.gz | xoops-2.2.5-security.zip
All XOOPS 2.2* users are urged to apply the attached patch.
Implementation Guide:
Step 1: uncompress the package
Step 2: upload the /html/class/xoopsform/form.php file to your XOOPSROOT/class/xoopsform/
Note:
1 XOOPS 2.2.6 RC is released at the same time with a more comprehensive solution. Do NOT apply this patch if you use 2.2.6 RC package instead.
2 XOOPS 2.0* sites are not affected directly, however the relevant improvements have been available in XOOPS 2.0.18 RC.
Download: xoops-2.2.5-security.tar.gz | xoops-2.2.5-security.zip
|
|
Login
Search
Recent Comments
Who's Online
Donat-O-Meter
| Stats | |
| Goal: | $100.00 |
| Due Date: | Apr 30 |
| Gross Amount: | $0.00 |
| Net Balance: | $0.00 |
| Left to go: | $100.00 |
 |
|