Today, we are releasing XenForo 2.2.11 to address a potential security vulnerability. We recommend that all customers running XenForo 2.2 upgrade to 2.2.11 or use the attached patch file as soon as possible.
The issue relates to HTML attribute injection which can be triggered when rendering editor content, such as when a post is edited or quoted.
XenForo extends thanks to @PaulB, the team at @NamePros and @Xon for reporting the issues.
We recommend doing a full upgrade...
Read more
By: XenForo
The issue relates to HTML attribute injection which can be triggered when rendering editor content, such as when a post is edited or quoted.
XenForo extends thanks to @PaulB, the team at @NamePros and @Xon for reporting the issues.
We recommend doing a full upgrade...
Read more
By: XenForo
