4images Forum & Community

4images Issues / Ausgaben => Discussion & Troubleshooting => Topic started by: arabcine on December 19, 2009, 01:48:27 PM

Title: new Vulnerable_Code or what
Post by: arabcine on December 19, 2009, 01:48:27 PM

when iam Browseing some vb's i see we have new Vulnerable in version 1.7.7 are the ture or what


[link removed for security reason]


can admin's read this,

thanks

Title: Re: new Vulnerable_Code or what
Post by: mawenzi on December 19, 2009, 02:33:58 PM

Fix : [1.7 - 1.7.7] Security fix for XSS inssue in includes/functions.php : http://www.4homepages.de/forum/index.php?topic=25057.0

Title: Re: new Vulnerable_Code or what
Post by: arabcine on December 19, 2009, 03:45:38 PM

aha thanks for your replay

Title: Re: new Vulnerable_Code or what
Post by: V@no on December 19, 2009, 05:53:16 PM

Thank you for bringing this to our attention. I've removed the link.

Until official fix released here is a quick and probably not the best fix that works only on URLs

The fix mawenzi mentioned - is THE fix. Nothing else needed.

Title: Re: new Vulnerable_Code or what
Post by: Hagen-Roderich on December 19, 2009, 09:27:17 PM

I have already installed the fix.
Do i have to do the modificaton by V@no, too?
Thanks

Title: Re: new Vulnerable_Code or what
Post by: V@no on December 20, 2009, 06:31:52 AM

No, not need anything else.

Title: Re: new Vulnerable_Code or what
Post by: arabcine on December 20, 2009, 08:27:54 AM

thanks V@no