During internal testing, we discovered a security issue within XenForo. The issue is known as a server-side request forgery (SSRF). This could allow an attacker to use your server to bypass your server's firewall and make internal requests. Depending on the services found, this could lead to privilege escalation or remote code execution.
This is a potentially serious issue and we strongly recommend all customers running XenForo 1.4 or older follow one of the below methods to fix this...
XenForo 1.4.13 Released (Security Fix)
Written by XenForo - (Weiterlesen)
App installieren
So wird die App in iOS installiert
Folge dem Video um zu sehen, wie unsere Website als Web-App auf dem Startbildschirm installiert werden kann.
Anmerkung: Diese Funktion ist in einigen Browsern möglicherweise nicht verfügbar.
Du verwendest einen veralteten Browser. Es ist möglich, dass diese oder andere Websites nicht korrekt angezeigt werden.
Du solltest ein Upgrade durchführen oder einen alternativen Browser verwenden.
Du solltest ein Upgrade durchführen oder einen alternativen Browser verwenden.
News aus der Forenwelt
Filter
Filtern nach:
Laden…
In order to apply the security fix included in XenForo 1.4.13 or 1.5.10 to XenForo Media Gallery 1.0, XenForo Media Gallery 1.0.10 has been released.
This fixes the server-side request forgery (SSRF) security issue. This could allow an attacker to use your server to bypass your server's firewall and make internal requests. Depending on the services found, this could lead to privilege escalation or remote code execution.
This is a potentially serious issue and we strongly recommend all...
XenForo Media Gallery 1.0.10 Released (Security Fix)
Written by XenForo - (Weiterlesen)
Today, we are pleased to release XenForo 1.5.9. This release fixes a number of bugs and issues that were found since the release of 1.5.8. As this is a maintenance release, the vast majority of the focus was an increase in stability.
Some of the bugs fixed in 1.5.9 include:
Improved compatibility with upcoming PHP 7.1 release.
Add basic email typo detection for specific cases to reduce false positives with StopForumSpam checks.
Indicate when a StopForumSpam result is from a...
XenForo 1.5.9 Released
Written by XenForo - (Weiterlesen)
XenForo Media Gallery 1.1.8 is a maintenance release for our media gallery add-on. We recommend all customers running XenForo Media Gallery to upgrade to 1.1.8 to benefit from increased stability.
This release fixes several bugs that were reported following the release of XenForo Media Gallery 1.1.7:
Improved compatibility with upcoming PHP 7.1 release.
Improved the performance of marking large numbers of media as viewed.
Workaround a situation where MySQL's wait_timeout...
XenForo Media Gallery 1.1.8 Released
Written by XenForo - (Weiterlesen)
XenForo Enhanced Search 1.1.5 is a maintenance release for our search add-on. We recommend all customers running XenForo Enhanced Search upgrade to 1.1.5 to benefit from increased stability.
This changes in this release include::
Improve compatibility with the upcoming Elasticsearch 5 release.
Do not treat a "-" with spaces around it as a negation operator in searches.
Fix a situation where errors when indexing would be erroneously detected, causing a "no response" error to...
XenForo Enhanced Search 1.1.5 Released
Written by XenForo - (Weiterlesen)
Today, we are pleased to release XenForo 1.5.8. This release fixes a number of bugs and issues that were found since the release of 1.5.7. As this is a maintenance release, the vast majority of the focus was an increase in stability.
This release includes fixes for 2 security-related issues reported by Julien Ahrens (from www.innogames.com). We consider these issues to be very minor and are very unlikely to be exploitable, so they have been included as...
XenForo 1.5.8 Released
Written by XenForo - (Weiterlesen)
XenForo Media Gallery 1.1.7 is a maintenance release for our media gallery add-on. We recommend all customers running XenForo Media Gallery to upgrade to 1.1.7 to benefit from increased stability.
This release fixes several bugs that were reported following the release of XenForo Media Gallery 1.1.6:
Change so that unsharp masking is not allowed to happen with some image resize operations.
Fix for an issue that could have seen invalid values entered as a thumbnail path for a...
XenForo Media Gallery 1.1.7 Released
Written by XenForo - (Weiterlesen)
XenForo Media Gallery 1.1.6 is a maintenance release for our media gallery add-on. We recommend all customers running XenForo Media Gallery to upgrade to 1.1.6 to benefit from increased stability.
This release fixes several bugs that were reported following the release of XenForo Media Gallery 1.1.5:
Added a new option to control the thumbnail quality of JPG thumbnails.
Added a new unsharp mask filter to the thumbnail process to make thumbnails appear sharper.
The cached...
XenForo Media Gallery 1.1.6(a) Released
Written by XenForo - (Weiterlesen)
Today, we are pleased to release XenForo 1.5.7. This release fixes a number of bugs and issues that were found since the release of 1.5.6. As this is a maintenance release, the vast majority of the focus was an increase in stability.
Please note that we are now formally recommending that you upgrade to PHP 5.4 or newer. Our intention with XenForo 2.0 is to require PHP 5.4 or newer. If you are running PHP 5.3 or 5.2, you will receive a warning when installing or upgrading XenForo.
Some of...
XenForo 1.5.7 Released
Written by XenForo - (Weiterlesen)
XenForo Media Gallery 1.1.6 is a maintenance release for our media gallery add-on. We recommend all customers running XenForo Media Gallery to upgrade to 1.1.6 to benefit from increased stability.
This release fixes several bugs that were reported following the release of XenForo Media Gallery 1.1.5:
Added a new option to control the thumbnail quality of JPG thumbnails.
Added a new unsharp mask filter to the thumbnail process to make thumbnails appear sharper.
The cached...
XenForo Media Gallery 1.1.6 Released
Written by XenForo - (Weiterlesen)
XenForo Enhanced Search (XFES) 1.1.4 is a maintenance release for our add-on that replaces XenForo's built in search engine with one powered by Elasticsearch to provide greater performance and better search results.
This release fixes several bugs:
Prevent creating result sizes greater than Elaticsearch's default index.max_result_window value (10000).
Improve error handling in newer versions of Elasticsearch and prevent this error handling...
XenForo Enhanced Search 1.1.4 Released
Written by XenForo - (Weiterlesen)
Today, we are pleased to release XenForo 1.5.6. This release fixes a number of bugs and issues that were found since the release of 1.5.5. As this is a maintenance release, the vast majority of the focus was an increase in stability.
In addition to the usual bug fixes, we've made a few improvements:
In June, PayPal will be making changes to force all requests to use TLS 1.2. If your server does not support TLS 1.2, after this date, user upgrades will not be processed correctly. As...
XenForo 1.5.6 Released
Written by XenForo - (Weiterlesen)
XenForo Media Gallery 1.1.5 is a maintenance release for our media gallery add-on. We recommend all customers running XenForo Media Gallery to upgrade to 1.1.5 to benefit from increased stability.
In addition to the usual bug and stability focus we have added beta support for importing from the IP Gallery versions which were designed to work with IP Board 4.0 and IP Board 4.1.
This release fixes several bugs that were reported following the release of XenForo Media Gallery 1.1.4:
...
XenForo Media Gallery 1.1.5 Released
Written by XenForo - (Weiterlesen)
XenForo Resource Manager 1.2.3 is a maintenance release for our resource manager add-on. We recommend all customers running XenForo Resource Manager 1.2 upgrade to 1.2.3 to benefit from increased stability.
This release fixes several bugs that were reported following the release of XenForo Resource Manager 1.2.2:
Fix an issue where clicking the "Updated Resource File" label focuses the wrong input while adding a new version.
Fix for an 'Undefined index error' in...
XenForo Resource Manager 1.2.3 Released
Written by XenForo - (Weiterlesen)
Today, we are pleased to release XenForo 1.5.5. This release fixes a number of bugs and issues that were found since the release of 1.5.3. As this is a maintenance release, the vast majority of the focus was an increase in stability.
Please note that we are now formally recommending that you upgrade to PHP 5.4 or newer. Our intention with XenForo 2.0 is to require PHP 5.4 or newer. If you are running PHP 5.3 or 5.2, you will receive a warning when installing or upgrading XenForo.
Some of...
XenForo 1.5.5(a) Released
Mehr dazu -->
Today, we are pleased to release XenForo 1.5.5. This release fixes a number of bugs and issues that were found since the release of 1.5.3. As this is a maintenance release, the vast majority of the focus was an increase in stability.
Please note that we are now formally recommending that you upgrade to PHP 5.4 or newer. Our intention with XenForo 2.0 is to require PHP 5.4 or newer. If you are running PHP 5.3 or 5.2, you will receive a warning when installing or upgrading XenForo.
Some of...
XenForo 1.5.5 Released
Mehr dazu -->
XenForo Media Gallery 1.1.4 is a maintenance release for our media gallery add-on. We recommend all customers running XenForo Media Gallery to upgrade to 1.1.4 to benefit from increased stability.
This release fixes several bugs that were reported following the release of XenForo Media Gallery 1.1.3:
Tweak to attachment uploader styling
Better support for RTL languages when tagging users in media
Couple of small permission checks in templates
Change so that the auto...
XenForo Media Gallery 1.1.4 Released
Mehr dazu -->
During routine internal testing, we discovered a security issue within XenForo 1.3 and newer. The issue allows a cross site scripting (XSS) attack to potentially be triggered via a specially crafted profile post. XSS issues may allow an attacker to steal data (including cookies) or force a user to take actions without their consent or knowledge (possibly including administrative actions).
We strongly recommend all XenForo customers follow one of the steps below to resolve this issue....
XenForo 1.5.4 Released (Security Fix)
Mehr dazu -->
During routine internal testing, we discovered a security issue within XenForo 1.3 and newer. The issue allows a cross site scripting (XSS) attack to potentially be triggered via a specially crafted profile post. XSS issues may allow an attacker to steal data (including cookies) or force a user to take actions without their consent or knowledge (possibly including administrative actions).
We strongly recommend all XenForo customers follow one of the steps below to resolve this issue....
XenForo 1.4.12 Released (Security Fix)
Mehr dazu -->
During routine internal testing, we discovered a security issue within XenForo 1.3 and newer. The issue allows a cross site scripting (XSS) attack to potentially be triggered via a specially crafted profile post. XSS issues may allow an attacker to steal data (including cookies) or force a user to take actions without their consent or knowledge (possibly including administrative actions).
We strongly recommend all XenForo customers follow one of the steps below to resolve this issue....
XenForo 1.3.10 Released (Security Fix)
Mehr dazu -->