Simple Machines has just released a security patch for SMF.
This release addresses a cross-site scripting vulnerability in the search function.
The fix for the 1.0.x has been released as 1.0.9. The version number of 1.1RC3 has remained as is, but you need to download and update your SMF installation ASAP!
Just last week my forum was hacked. I’m not sure if this is the reason, but having your software vulnerable XSS is a sure shot way to getting hacked.
Read the complete release notification or download the latest version.
Direct Download:
Download the files below (you may need to be registered to the forum) and replace the files in your installation with the php files in the package.
updated_files_SMF_1-0-9.zip (102.59 KB)
smf_patch_1-0-9_1-1-rc3-1.tar.gz (1.99 KB)
updated_files_SMF_1-1-rc3-1.zip (179.11 KB)
Liked this article? Subscribe to site feed
, subscribe via email or add to your Technorati favs to receive regular updates..
Post Details
- Post Date :
- Monday, Oct 30th, 2006 at 4:38 pm
- Category :
- Forums and PHP and Scripts and Security
- Tags :
- cross-site-scripting, Forums, PHP, Security, smf, vulnerability, xss
- Do More :
- You can leave a response or a trackback from your own site.
Related Posts
Some posts related to the post you have just read:
Leave a Reply