IPS has been notified of a security issue with IP.Content 1.2.0 which may introduce the ability for a remote user to inject malicious SQL into a URL. This SQL could damage or compromise the security of your community.
We would like to thank Alex Smith for reporting this issue to us.
Patching your IP.Content Install
If you are running a version of IP.Content less than 1.2.0: upgrade your install today. The IP.Content 1.2.0 download in the client area has already been updated to include the patched files.
If you are running IP.Content 1.2.0: upload the attached file to: admin/applications_addon/ips/ccs/sources/functions.php
Please submit a support ticket if you have any questions.
- functions.zip (2K)
Source: Click Here