XOOPS Web Application System (https://xoops.org)
Powered by You!
XOOPS 2.5.7.1 Security Patch Released
Category : XOOPS
| Published by Mamba on 25-Nov-2014 05:14
The
XOOPS Development Team is pleased to announce the release of a
security patch for XOOPS 2.5.7 Final. This patch for XOOPS 2.5.7 corrects the following issues:
- CSRF and XSS issues reported by Dingjie 'Daniel' Yang of
Web Security Lens- XSS and best practice issues reported by Narendra Bhati
We would like to specifically thank our friends
Dingjie 'Daniel' Yang of Web Security Lens and
Narendra Bhati, who notified us about these issues, and to
Richard (aka Geekwright), our Core Team Leader, who provided the fixes.
All XOOPS 2.5.7 users are advised to apply this patch as soon as possible. Download: You can download the patch from
XOOPS File Repository on SourceForgeAny users that are running an older XOOPS version are advised to update to
XOOPS 2.5.7.1 now, which includes the patch.
You can find more information about the original
XOOPS 2.5.7 release in this article