XenForo 2.0.9 - (Security Fix) - Full & Upgrade - Nulled By NulledTeam

26-07-2018, 11:28 PM

DeCarvalho Wrote: //PLEASE DM ME IF THE LINK APPEAR TO BE DOWN - I'LL RE-UPLOAD

No, you're not imagining it - wearedoing another release, just a day after therelease of 2.0.8.

XenForo 2.0.9 fixes a flaw that could potentially be exploited to create a cross-site scripting vulnerability. We recommend that all customers running XenForo 2.0 upgrade to 2.0.9 or use the attached patch file as soon as possible. Note that if you are applying the patch rather than doing a full upgrade to 2.0.9, you will need to applythe 2.0.8 patchtoo.

XenForo extends thanks to Thomas Schneider for identifying the issue.

The issue is a XSS vulnerability. XSS (Cross Site Scripting) issues allow scripts and malicious HTML to be injected into the page, potentially allowing data theft or unauthenticated access.

Applying a Fix: Upgrading
You may upgrade to 2.0.9 to fix this issue. You should upgrade as you would to any other release.

Customers with an active license may download 2.0.9 from theircustomer area. Full details for how toinstallandupgradeXenForo can be found in theXenForo Manual.

[spoiler="Full"]
Content has been stripped. Go to the quoted post to view the content.[/spoiler]
[spoiler="Upgrade"]
Content has been stripped. Go to the quoted post to view the content.[/spoiler]