Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Welcome to IPS!

Feel free to browse our community to get a feel for how our community software operates. Post in the pre-sales forum with any questions you have before purchasing or use the Test Posting forum to post a few messages yourself! You can also get a free demo to try the IPS Community Suite yourself.

Already an active IPS client?

Login with the same email address and password you use for the client area to access client-only areas.

0

IP.Board 2.3.4 Security Enhancements (02-20-08)

Started by IPS News, Feb 20 2008 10:44 AM

Please log in to reply

No replies to this topic

#1 IPS News

Public Relations

IPS Staff
712 posts

Posted 20 February 2008 - 10:44 AM

IP.Board 2.3.4 Security Enhancements

We are releasing a minor security update to address issues recently reported regarding areas of IP.Board 2.3.4. These security issues are rather low priority and the impact is minimal due to other security features in the software.

Issue

Due to Internet Explorer's overly zealous and often ambitious parsing engine, specifically crafted BBCodes can contain javascript. This issue is mitigated due to the use of httpOnly cookies which makes this more of a nuisance than a genuine threat.

Patching Your IP.Board

The IP.Board 2.3.4 download in the client area has already been updated with the required changes. If you download IP.Board after the date of this announcement your installation will be up to date.

Changed Files
Download the zip file below which includes only the changed files for this update. Simply upload and overwrite the old files.