[Logo] JForum - Powering Communities
  [Search] Search   [Recent Topics] Recent Topics   [Hottest Topics] Hottest Topics   [Top Downloads] Top Downloads   [Groups] Back to home page 
[Register] Register /  [Login] Login 


New: JForum 2.6.0 has been released with many improvements, download it from here
[JForum Security Vulnerabilities Notification]SN-15-01: JFORUM MULTIPLE VULNERABILITIES RSS feed
Forum Index » Announcements
Author Message
andowson


Joined: 2011/6/30
Messages: 213
Offline
Secure Network releases the security advisory SN-15-01 for multiple vulnerabilities found in JForum.

SN-15-01: multiple vulnerabilities have been identified in JForum version 2.1.9 stable and its unofficial updated version 2.3.5, ranging from high-impact issues like Stored Cross-Site Scripting (XSS) and Remote Code Execution (RCE) to lower-impact ones like missing security flag for session cookie. Older versions may also be vulnerable.

Source URL:
https://www.securenetwork.it/en/research/advisories/2015/02/sn-15-01/

Please update to JForum version 2.4.0 or later.
 
Forum Index » Announcements
Go to:   
Mobile view
Powered by JForum 2.6.0 © 2019 JForum Team • Maintained by Andowson Chang and Ulf Dittmer
Website Security Test