XenForo Releases

Xenforo 2.1.9 Nulled

Submitted by xuromi, , Thread ID: 169487

Thread Closed
xuromi
Active Member
Level:
4
Reputation:
10
Posts:
422
Likes:
355
Credits:
8.65K
29-04-2020, 06:51 PM
This post was last modified: 29-05-2020, 12:11 AM by xuromi
Working Not Working Link Down
#1
Today, we are releasing XenForo 2.1.9 and XenForo 2.0.13 to address a potential security vulnerability that may affect any customer who makes use of our PayPal payment handler.

As well as user upgrades, this may affect add-ons you have installed which process payments using our PayPal payment handler.

We recommend that all affected customers running XenForo 2.1 or XenForo 2.0 upgrade to 2.1.9 or 2.0.13 or use one of the attached patch files as soon as possible.

Specifically, the issue relates to a specially crafted callback (or IPN) which is then processed successfully using PayPal's sandbox validation endpoint instead of their live system. If successful, a purchase could be completed without your PayPal account actually receiving any funds.

There are no other fixes included in this version. There will be a further 2.1 maintenance release in the coming weeks.

Applying a Fix: Upgrading
You may upgrade to 2.1.9 or 2.0.13 to fix this issue. You should upgrade as you would to any other release.

Upgrade
Content locked
This content has been locked. Please login or register in order to unlock it.

Full
Content locked
This content has been locked. Please login or register in order to unlock it.
This hidden content has been reported as still working 0 times this month.
1 times in total
Respect my time and work.
Don't skip the rules.
Don't be a leecher
Participate in the forum.
3
1337slash, asfainas, Sealatron2

Users browsing this thread: 1 Guest(s)