Guest XenForo Posted January 17, 2016 Posted January 17, 2016 During routine internal testing, we discovered a security issue within XenForo 1.3 and newer. The issue allows a cross site scripting (XSS) attack to potentially be triggered via a specially crafted profile post. XSS issues may allow an attacker to steal data (including cookies) or force a user to take actions without their consent or knowledge (possibly including administrative actions). We strongly recommend all XenForo customers follow one of the steps below to resolve this issue.... XenForo 1.3.10 Released (Security Fix) Continue reading... Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.