XMB Forum Software
Not logged in [Login - Register]
Search the forums Search   Frequently Asked Questions FAQ   View member list Member List   Today's Posts Today's Posts   Forum Stats Stats   Board Rules Board Rules  Download Download   Git Git   Bugs Bugs   Docs Docs  Back to: XMB Forum Home Page
XMB Forum Software » Support » Fixes / Patches » [Critical] Patch for Attachments Go To Bottom

Printable Version  
Author: Subject: [Critical] Patch for Attachments
miqrogroove
XMB 1.9.12 Lead Developer
*********

Avatar


Posts: 500
Registered: 10-1-2002
Member Is Offline

Mood: Past Three O'Clock

[*] posted on 3-21-2009 at 11:05 PM
[Critical] Patch for Attachments

Issue #312

Bug Source: XMB-1.9.11.00.zip through XMB-1.9.11.04.zip

Symptoms: The "Move to Database" links in the attachments panel cause unexpected data loss.

Security Impact: This command also could be triggered by a CSRF attack in a very unlikely set of circumstances.

Workaround: It is recommended that you delete the file attach-admin.inc.php from your server unless it can be patched immediately.

Fixed By: XMB-1.9.11.05.zip and later are not affected.

Patch: Attachment: XMB-1.9.11-attachments-critical.patch.txt (556B)
This file has been downloaded 638 times
View user's profile Visit user's homepage View All Posts By User

 XMB Forum Software » Support » Fixes / Patches » [Critical] Patch for Attachments   Go To Top

Powered by XMB 1.9.12
XMB Forum Software © 2001-2025 The XMB Group
[Queries: 16] [PHP: 8.5% - SQL: 91.5%]