Compatible XF Versions
  1. 2.0
Today, we are releasing XenForo 2.0.8 to address a potential security vulnerability. We recommend that all customers running XenForo 2.0 upgrade to 2.0.8 or use the attached patch file as soon as possible.

The issue is a XSS vulnerability. XSS (Cross Site Scripting) issues allow scripts and malicious HTML to be injected into the page, potentially allowing data theft or unauthenticated access.

Specifically, the issue relates to specially crafted text entered into messages and output using the structured text system (used in profile posts and comments).

Thank you to @batpool52! for identifying the issue and reporting it to us.

There are no other fixes included in this version. There will be a further maintenance release (2.0.9) in the coming weeks.

Applying a Fix: Upgrading

You may upgrade to 2.0.8 to fix this issue. You should upgrade as you would to any other release.
Author
Admin
Size
7.6 MB
Extension
zip
Downloads
24
Views
1,800
First release
Last update

More resources from Admin

Similar resources

XenForo Full (Includes Security Fix) AnimeHaxor
XenForo 2.1.7 (Includes Security Fix) - Full Nulled By NulledTeam
0.00 star(s) 0 ratings
Downloads
17
Updated
XenForo Full (Includes Security Fix) Admin
XenForo 2.1.11 (Includes Security Fix) - Full Nulled By NulledTeam
0.00 star(s) 0 ratings
Downloads
4
Updated
XenForo Full (Includes Security Fix) Admin
XenForo 2.2.1 Full Nulled By NulledTeam (Includes Security Fix)
0.00 star(s) 0 ratings
Downloads
7
Updated
XenForo Full (Includes Security Fix) Admin
XenForo 2.1.12 Full Nulled By NulledTeam (Includes Security Fix)
0.00 star(s) 0 ratings
Downloads
6
Updated
XenForo Full (Security Fix) AnimeHaxor
XenForo 2.0.11 - Full (Security Fix) Nulled By NulledTeam
0.00 star(s) 0 ratings
Downloads
19
Updated