The damage this sort of attack can do is mitigated by IP.Board's use of HTTP-only cookies and other security measures.
As part of our continued dedication to security enhancement, we are releasing a simple patch for IP.Board 3.0.5 to address this issue. If you are running IP.Board versions less than 3.0.5 simply upgrade your software version. Note that this issue does not exist in IP.Board 3.1.0 Beta 2 and beyond.
Simply upload the attached file to: admin/sources/classes/bbcode/custom/defaults.php
The main 3.0.5 download zip has been updated as of this date.
Source: Click Here
Welcome to DevFuse Forums
- Start new topics and reply to others
- Subscribe to topics and forums to get email updates
- Get your own profile page and make new friends
- Send personal messages to other members.
Guest Message by DevFuse
(View All Products)Featured Products
Help fund your forum with donations, setup goals and track member donations. Offer rewards for members donating.
Have your members submit their race times and share with others.
Allows your members to submit their own videos for community viewing. Support is included for all the major video sites.
Build your own forms for your members without coding experience. Support included for pm, email and topics.
Build a community database of items for your members. Full features custom fields included.
IP.Board 3.0.x Security Patch Released
No replies to this topic
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users