A security issue has been discovered in IP.Board 3.1.x that could potentially allow a malicious user to insert JavaScript or other code into your community.
The damage this sort of attack can do is <b>drastically</b> mitigated by IP.Board's use of HTTP-only cookies and other security measures.
As part of our continued dedication to security enhancement, we are releasing a simple patch for IP.Board 3.1.2 to address this issue. If you are running IP.Board versions less than 3.1.2 simply upgrade your software version.
Download Patch
Simply upload the attached file to: admin/sources/classes/bbcode/custom/defaults.php
<a href="http://community.invisionpower.com/index.php?app=core&module=attach§ion=attach&attach_id=25768" target="_blank"><img src="http://community.invisionpower.com/public/style_extra/mime_types/zip.gif" border="0" class="linked-image" /></a>
<a href="http://community.invisionpower.com/index.php?app=core&module=attach§ion=attach&attach_id=25768" target="_blank">312_sept_patch.zip</a> <b>(21.62K)</b>
: 94
The main download zip has been updated at the time of this post.
<a href="http://community.invisionpower.com/topic/320838-ipboard-31x-security-patch-released/" target="_blank"><b>Читать дальше...</b></a>
<a href="http://translate.google.com/translate?u=http://community.invisionpower.com/topic/320838-ipboard-31x-security-patch-released/&langpair=en%7Cru" target="_blank"><b>Перевод...</b></a>
The damage this sort of attack can do is <b>drastically</b> mitigated by IP.Board's use of HTTP-only cookies and other security measures.
As part of our continued dedication to security enhancement, we are releasing a simple patch for IP.Board 3.1.2 to address this issue. If you are running IP.Board versions less than 3.1.2 simply upgrade your software version.
Download Patch
Simply upload the attached file to: admin/sources/classes/bbcode/custom/defaults.php
<a href="http://community.invisionpower.com/index.php?app=core&module=attach§ion=attach&attach_id=25768" target="_blank"><img src="http://community.invisionpower.com/public/style_extra/mime_types/zip.gif" border="0" class="linked-image" /></a>
<a href="http://community.invisionpower.com/index.php?app=core&module=attach§ion=attach&attach_id=25768" target="_blank">312_sept_patch.zip</a> <b>(21.62K)</b>
: 94
The main download zip has been updated at the time of this post.
<a href="http://community.invisionpower.com/topic/320838-ipboard-31x-security-patch-released/" target="_blank"><b>Читать дальше...</b></a>
<a href="http://translate.google.com/translate?u=http://community.invisionpower.com/topic/320838-ipboard-31x-security-patch-released/&langpair=en%7Cru" target="_blank"><b>Перевод...</b></a>