×

Notice

The forum is in read only mode.
Welcome, Guest
Username: Password: Remember me
  • Page:
  • 1
  • 2

TOPIC: Security: XSS vulnerability in 4.0 b1

Security: XSS vulnerability in 4.0 b1 14 years 10 months ago #8471

  • Nils Ally
  • Nils Ally's Avatar
  • Offline
  • Gold Boarder
  • Gold Boarder
  • Posts: 299
  • Thank you received: 33
My version was paid, but I don't think there's any difference to the free ones.
So JonusC, let me know when you're done checking out all the free templates and paid ones just to be safe, around the planet. -just a around 100,000 left :laugh:

No, their templates are not designed with !JoomlaComment in mind.
As I said, this may be something isolated at my end. I mention this since it was a new event here after upgrading to the beta2, and might be of importance if others experience the same.

I have now changed the template due to what ever was going on, and now it's all fine again.
So this is not something to put effort into, unless others report similar problems.

It's more important to get the dual styles working. Like red and large text. I guess that's the same problem for others.

Security: XSS vulnerability in 4.0 b1 14 years 9 months ago #8543

  • Daniel Dimitrov
  • Daniel Dimitrov's Avatar
  • Away
  • Administrator
  • Administrator
  • Posts: 9618
  • Karma: 155
  • Thank you received: 1081
I will release it officially tomorrow. It should fix all problems with XSS and the ubb should also just work great :)

This release fixes a lot of stuff. Here is the changelog:

************ 2010/01 : !joomlacomment 4.0 RC1
# Fixes problems with the ubbcode
# Fixed wierd code with some emoticons - compojoom.com/forum/6-bug-report/6422-we...en-you-use-emoticons
# Fixed bug with 404sef
# Anonymous comment edited from admin keeps original comment's IP

************ 2010/01 : !joomlacomment 4.0 Beta 2a
# UBBCode class re-written - no longer vulnerable to XSS attacks
# Layout fixes and tweaks to modern template
# Bug #87 and #88 - Voting and Search will no longer jump to the CommentForm anchor
$ French frontend language updated
$ Svenska frontend language updated

joomlacomment4-20100127.zip
  • Page:
  • 1
  • 2
Time to create page: 0.117 seconds