Jump to content


Buy 2 skins get 1 free
Refer members and earn 20% commission on purchases they make!

IP.Board Security Update

Started by Bluepearl RSS, Feb 20 2012 04:11 AM

No replies to this topic

#1 Bluepearl RSS

    Bluepearl RSS

  • Members
  • 172 posts

Posted 20 February 2012 - 04:11 AM

It has come to our attention that a XSS (Cross Site Scripting) attack is possible within the Admin CP. The javascript is only executed when viewing the detailed pop-up of a specific failed admin log in.

This issue exists in all IP.Board 3 versions. We recommend that everyone using these versions apply this simple one file patch.

Simply download the zip for your IP.Board version, expand the zip on your computer and upload the file to the relevant folder on your server. The directory structure is maintained in the zip so you will have no issues finding the file.

If you need assistance, please contact technical support.


IP.Board 3.2.x
Attached File  feb_3_2_x.zip   2.72K   116 downloads

IP.Board 3.1.x
Attached File  feb-3_1_x.zip   2.76K   32 downloads

IP.Board 3.0.x
Attached File  feb-3_0_x.zip   2.76K   14 downloads


If you are running a version of IP.Board older than those listed we highly recommend you upgrade to the latest, supported version as it will include this and other fixes.

View the full article
Back to Forum Software Updates · Next Unread Topic →

Reply to this topic



  


1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

  1. Bluepearl Skins
  2. Bluepearl Announcements
  3. Forum Software Updates

Links

Customers

Our Network

Our Friends


  • Follow us...
  • Subscribe to our Announcements
  • Follow us on Twitter
  • Follow us on Facebook
  • Follow us on LinkedIn
  • Follow us on Google +
  • We accept Paypal & 2Checkout with Mastercard and Visa