JEvents Announcements (Free Access)

XSS Security Vulnerability

Announements from the JEvents team

Postby Geraint » Fri Dec 02, 2011 4:50 pm

An XSS (cross server scripting) security risk has been identified that affects all versions of JEvents since 1.5.0.

You should upgrade to the latest version of JEvents as soon as possible.

The latest version at the time of writing is 2.0.11.

Club member preview version 2.1.4 also includes this fix.

If you are continuing to use version 1.5.5 for some reason then version 1.5.6 is available from http://joomlacode.org/gf/project/jevent ... e_id=16213.
JEvents Club members can get priority forum support at the Support Forum. As well as access to a variety of custom JEvents addons and benefits. Join the JEvents club today!
User avatar
Geraint
 
Posts: 42850
Joined: Fri Feb 15, 2008 6:14 pm

Return to JEvents Announcements (Free Access)

  • Who is online
  • View new posts
  • View unanswered posts
  • In total there are 0 users online :: 0 registered and 0 hidden (based on users active over the past 5 minutes)
  • Most users ever online was 94 on Tue Sep 01, 2009 12:33 am
  • Users browsing this forum: No registered users