IPS News Posted March 14, 2012 Share Posted March 14, 2012 It has come to our attention that a XSS (Cross Site Scripting) attack is possible under specific circumstances when editing a post another member has made. This issue only exists in IP.Board 3.2.0, 3.2.1, 3.2.2 and 3.2.3. We recommend that everyone using these versions apply this simple two file patch. Simply download the zip, expand it on your computer and upload the files to the relevant folders on your server. The directory structure is maintained in the zip so you will have no issues finding the files. If you need assistance, please contact technical support. Patching 3.2.3 march-editor-patch_3_2.zip 30.13K 1061 downloads Patching 3.2.0-3.2.2 Please upgrade to 3.2.3. Please note, this zip file is not compatible with 3.2.2, 3.2.1 or 3.2.0. Note: The main download zip has been updated . View the full article Link to comment Share on other sites More sharing options...
Recommended Posts