Jump to content

[IPS news] IP.Board 2.3.6 and 3.0.5 Security Update

Started by IPS News, Mar 08 2010 02:34 PM

No replies to this topic

#1
IPS News
Posted 08 March 2010 - 02:34 PM

    Advanced Member

  • Bot
  • PipPipPip
  • 168 posts
It has come to our attention that there is a possible XSS exploit present in both IP.Board 2.3.6 and 3.0.x. This vulnerability allows the attacker to insert CSS or Javascript into certain BBCodes that is executed when a user displays the page.

Resolution
Please download the relevant zip for your IP.Board. Expand the zip file and upload the file over the copy on your server. No other action is required.

IP.Board 3.0.5
Posted Image 305xss_march10.zip (13.29K)
: 153

IP.Board 2.3.6
Posted Image 236xss_march10.zip (15.61K)
: 58

The main download zips have been updated. If you have downloaded either 2.3.6 or 3.0.5 since the time of this announcement, then you do not need to patch your installation.

View the full article
Back to Community Softwares News · Next Unread Topic →


1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

  1. IPB skins - Skinbox
  2. Community Area
  3. Community Softwares News