IP.Board 2.2.x XSS Update

Find the latest vBulletin information about IP.Board 2.2.x XSS Update relating to Forum Software at The Staff Lounge. This was a vBulletin news entry posted 1 year, 1 month ago. IP.Board 2.2.x XSS Update.

« vBulletin 3.6.7 (skins fully updated and a few changes)
New Default Skin »

IP.Board 2.2.x XSS Update

43 views Published 1 year, 1 month ago in Forum Software

IP.Board 2.2.x Possible XSS Issue

It has come to our attention that IP.Board 2.2.x may be vulnerable to an XSS (cross-site scripting) attack by injecting JavaScript into supplementary files used by our rich text editor. It should be noted that this damage is mitigated by the “HttpOnly” cookies which were introduced into IP.Board 2.2.0. This means that sensitive cookies in IP.Board 2.2.0 and higher cannot be read by JavaScript which could be crafted using this issue.

This update is very simple and straightforward and only affects these supplementary files. The attached zip file contains all the required files. Simply upload them over the existing files on your server.

Tags: No tags for this post. Print This Post

No Responses to “IP.Board 2.2.x XSS Update”  

View Original    View Source Feed for this Entry Trackback Address
  1. No Comments

Leave a Reply


Search

About This Entry

About This Entry
  • You’re currently reading “IP.Board 2.2.x XSS Update,” an entry on The Staff Lounge

  • Published at 5.30.07 / 11am

Related Entries

Related
    • No related posts.

Recommended Areas

Recommended Areas

Reviews Forum Reviews
Professional feedback.

Articles Forum Articles
Quality articles.

Powered By

Living Off

Forums Powered By vBulletin Blog Powered By Wordpress Skin Designed By Binary Bonsai