Weve been reported (thanks to jakovits) a cross site scripting vulnerability in 4images 1.7 1.7.11. To fix this: In global.php find $string = preg_replace('#</(applet|meta|xml|blink|link|style|script|embed|object|iframe|frame|frameset|ilayer|layer|bgsound|title|base)[^>]*>#i',"",$string); and replace it with $string = preg_replace('#</(applet|meta|xml|blink|link|style|script|embed|object|iframe|frame|frameset|ilayer|layer|bgsound|title|base)[^>]*(>|$)#i',"",$string); The post 4images 1.7 1.7.11: Security fixes for XSS appeared first on 4images gallery.
The new version 4images 1.7.12 has been released. This contains bugfixes and security fixes (thanks to Tim at curesec.com!). We recommend all users to update to the current version. All changes and features are listed in docs/Changelog.txt. More informat
zum Artikel gehenThe new version 4images 1.7.13 has been released. This contains some bugfixes and security fixes. We recommend all users to update to the current version. All changes and features are listed in “docs/Changelog.txt”. More information can be found here: h
zum Artikel gehenThe new version 4images 1.7.11 has been released. This release comes with some improvements, bugfixes and security fixes. We recommend all users to update to the current version. All changes and features are listed in docs/Changelog.txt. More information
zum Artikel gehenThe new version 4images 1.8 has been released. This contains some bugfixes and security fixes and PHP7 compatibility. We recommend all users to update to the current version. All changes and features are listed in “docs/Changelog.txt”. More information c
zum Artikel gehenThe new version 4images 1.10 has been released. This release brings a bunch of bug fixes and improvements. We recommend all users to update to the current version. All changes and features are listed in “docs/Changelog.txt”. More information can be found
zum Artikel gehen