Announcement XenForo 1.2.6 Released (Security Fix)


XenForo, XenForo

Today, we are releasing XenForo 1.2.6 to address a potential security vulnerability that has been identified. We recommend that all customers running XenForo 1.2 or earlier upgrade to 1.2.6 as soon as possible. This fix changes a large number of files so a full upgrade is required.

The security issue relates to XML processing. A specially crafted XML file can be used to enact a denial of service attack or potentially read files from the the file system. This type of vulnerability has been...

XenForo 1.2.6 Released (Security Fix)

Continue reading...