JEvents 1.5 (No longer actively supported)

XSS Security Vulnerability for JEvents 1.5.6

JEvents 2.0 was launched over 2 years ago and the latest stable version is version 2.2 which will run on Joomla 1.5 and Joomla 2.5. JEvents 1.5 is therefore no longer actively supported - you should upgrade to JEvents 2.2+ as soon as possible.
Forum rules
Please include as much detail in any test or bug reports for JEvents 1.5 as possible.

First of all, check if you are running the latest available version of Joomla! and JEvents. Posts for issues, where both systems are not updated, will be ignored.

We need the following at least:

* PHP version (e.g. 5.2.5). Note: Support for PHP4 is discontinued.
* Joomla! version
* JEvents version
* Web Server software (Apache or IIS with version number if possible)
* Server Operating system (e.g. Linux, Windows, Solaris, Darwin ...)
* Database version
* memory_limit from your phpinfo
* Web browser and version

Please enable error reporting and include any error messages in your posting. You do this via the Joomla Configuration - set "error reporting" to "maximum" on the Server tab.

Finally, please describe the steps required to recreate the problem and also please enable error reporting and give us any error messages generated.

Postby clydejsn » Sat Jan 07, 2012 2:35 am

Hello! I would like to start by thanking you for this excellent calendar component!

I have a couple of questions.

First, I am a somewhat new to Joomla and am using Joomla 1.5.17. I am also using JEvents 1.5.6. (Which I just upgraded from JEvents 1.5.2) The reason I didn't upgrade to 2.0 was because of the warning: "If you are using Joomla 1.5 then you must install and enable the language override plugin so that the language files are loaded correctly. ALSO you must enable Joomla MooTools Upgrade plugin." I see the link to the language override plugin, but I am not familiar with the Joomla MooTools Upgrade plugin, and I already have MooTools enabled on my website in my template, so I am afraid of there being a conflict.

My questions are: Does JEvents 1.5.6 fix the xss security vulnerability issue? (Keeping fingers crossed) Is it a serious threat? I do not allow front end access to the calendar. If I must upgrade to 2.0, do I install the language override plugin before or after the upgrade, and how do I access/install the MooTools Upgrade plugin?

Thank you so very much for your time.
clydejsn
 
Posts: 2
Joined: Sat Jan 07, 2012 2:15 am

Postby Tonyp » Sat Jan 07, 2012 8:36 am

Hello and weclome,

1.5.6 does indeed fix the xss problem.

Jevents does not have a Mootools plugin, the plugin we are referring to is the one used and built into Joomla :).

The language over ride plugin can be installed before or after.

I hope this helps clear things up.

Regards
Tony
---------------------------------------
Feel free to PM me if you would like Custom Installs or Joomla! related work for a competitive quote.

User avatar
Tonyp
Team Staff
 
Posts: 23713
Joined: Tue Oct 12, 2010 9:12 pm
Location: Isle of Man

Postby clydejsn » Sat Jan 07, 2012 12:57 pm

Thank you so much for the fast response! I am so relieved! Thank you for addressing each of my questions. JEvents is an excellent component with super customer service. You guys are awesome!
clydejsn
 
Posts: 2
Joined: Sat Jan 07, 2012 2:15 am

Postby Tonyp » Sat Jan 07, 2012 1:39 pm

Glad to have helped :).

Don't forget to make Jevents even better we have plugins available to club members.

Features chart:

http://www.jevents.net/en/jevents-club/features-chart

Regards
Tony
---------------------------------------
Feel free to PM me if you would like Custom Installs or Joomla! related work for a competitive quote.

User avatar
Tonyp
Team Staff
 
Posts: 23713
Joined: Tue Oct 12, 2010 9:12 pm
Location: Isle of Man


Return to JEvents 1.5 (No longer actively supported)

  • Who is online
  • View new posts
  • View unanswered posts
  • In total there is 1 user online :: 1 registered and 0 hidden (based on users active over the past 5 minutes)
  • Most users ever online was 94 on Tue Sep 01, 2009 12:33 am
  • Users browsing this forum: Bing [Bot]