This announcement details the required steps to perform this security update to your IPB 2.1.4 or IPB 2.0.4 installation. If you have yet to upgrade to IPB 2.1.4 or IPB 2.0.4, do so before running this security update.
If you have downloaded IPB 2.1.4 or IPB 2.0.4 AFTER 3:00pm GMT (10:00am EST) then you can disregard this notice as the main download zip has been updated.It has come to our attention that a potential XSS attack exists in all versions of IPB 2.x.x which can allow reading of cookie data when using IE.
Downloading the IPB 2.1.4 (30-01-06) PatchPlease make sure you're logged in to your
client center. Once logged in, please visit this
download page and download the patch.
Downloading the IPB 2.0.4 (30-01-06) PatchPlease make sure you're logged in to your
client center. Once logged in, please visit this
download page and download the patch.
Once the patch is downloaded to your harddrive, unzip and upload the patched files over the ones on your webserver. The directory structure has been preserved for your convenience.There is no need to run the IPB upgrade system and no langauge or template files have been modified for this update. Link To Original Article 
Welcome to Your vBulletin Resource
Improve Your Community Today
04-22-2006, 08:42 AM 
Posts: 87
Community Forums 
Similar Threads 
