XMB Forum Software
Not logged in [Login - Register]
Go To Bottom

Printable Version  
Author: Subject: [Critical] Patch for Attachments
XMB 1.9.12 Lead Developer


Posts: 421
Registered: 10-1-2002
Location: Florida
Member Is Offline

Mood: Past Three O'Clock

[*] posted on 3-21-2009 at 11:05 PM
[Critical] Patch for Attachments

Issue #312

Bug Source: XMB- through XMB-

Symptoms: The "Move to Database" links in the attachments panel cause unexpected data loss.

Security Impact: This command also could be triggered by a CSRF attack in a very unlikely set of circumstances.

Workaround: It is recommended that you delete the file attach-admin.inc.php from your server unless it can be patched immediately.

Fixed By: XMB- and later are not affected.

Patch: Attachment: XMB-1.9.11-attachments-critical.patch.txt (556B)
This file has been downloaded 512 times
View user's profile Visit user's homepage View All Posts By User

  Go To Top

Powered by XMB 1.9.12 (Debug Mode)
XMB Forum Software © 2001-2020 The XMB Group
[Queries: 16] [PHP: 27.9% - SQL: 72.1%]