XOOPS Web Application System (https://xoops.org)
Powered by You!
Security bug announced, xhelp 0.71 released
Category : Modules
| Published by ackbarr on 30-Mar-2005 18:30
In response to a security bug discovered by Brian Erdelyi @ SecurityHive.com that allowed users to view other users tickets, we have released xhelp 0.71 to address this issue. In addition we included a couple bug fixes for xhelp 0.7. All users are recommended to upgrade to the
latest package.Changes in 0.71:
1. Fixed email activation link not being sent to new users (eric_juden)
2. Fixed uploading files with undefined mimetypes bug (eric_juden)
3. Fixed bug for ticket subject length being too short in edit ticket (eric_juden)
4. Fixed bug for fatal error while in staff profiles (eric_juden)
5. Security!!! Fixed bug for users being allowed to look at other user's tickets (eric_juden)