XMB Forum Software
Not logged in [Login - Register]
Go To Bottom

Printable Version  
Author: Subject: [Critical] Patch for Attachments
miqrogroove
XMB 1.9.12 Lead Developer
*********


Avatar


Posts: 369
Registered: 10-1-2002
Location: Florida
Member Is Offline

Mood: Past Three O'Clock

[*] posted on 3-21-2009 at 11:05 PM
[Critical] Patch for Attachments


Issue #312

Bug Source: XMB-1.9.11.00.zip through XMB-1.9.11.04.zip

Symptoms: The "Move to Database" links in the attachments panel cause unexpected data loss.

Security Impact: This command also could be triggered by a CSRF attack in a very unlikely set of circumstances.

Workaround: It is recommended that you delete the file attach-admin.inc.php from your server unless it can be patched immediately.

Fixed By: XMB-1.9.11.05.zip and later are not affected.

Patch: Attachment: XMB-1.9.11-attachments-critical.patch.txt (556B)
This file has been downloaded 492 times
View user's profile Visit user's homepage View All Posts By User

  Go To Top

Powered by XMB 1.9.12 Beta 2 (Debug Mode)
XMB Forum Software © 2001-2020 The XMB Group
[Queries: 16] [PHP: 8.0% - SQL: 92.0%]
Thanks to competitions website.