Resource icon

XenForo (Security Fix) Full package V2.1.12

No permission to download
Today, we are releasing XenForo 2.1.12 to address two potential security vulnerabilities. We strongly recommend that all customers running XenForo 2.1 upgrade to 2.1.12 or use the attached patch file as soon as possible.

The issues are XSS vulnerabilities. XSS (Cross Site Scripting) issues allow scripts and malicious HTML to be injected into the page, potentially allowing data theft or unauthenticated access.

Applying a patch manually
Download the 2112patch.zip file attached to this message. It will contain the following file:
  1. src/XF/BbCode/Renderer/Html.php
Extract the zip file to your computer and upload the contents to the root of your XenForo installation. This should overwrite the files on your server with the new version.
Author
yuan
Size
12.2 MB
Extension
zip
Views
171
First release
Last update
Rating
0.00 star(s) 0 ratings

More resources from yuan