|
| |||||||
|
Welcome to the vBulletin Enhancement forums. You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. Please note. All of our products require vBulletin Forum Software. To purchase vBulletin, please click the link in the Navbar above. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so please, join our community today! If you have any problems with the registration process or your account login, please contact us. |
 | vBulletin 3.6.4 Released - Upgrade or Patch Today!this thread has 1 replies and has been viewed 1458 times |
 |
| | LinkBack | Thread Tools | Display Modes |
11-23-2006, 09:30 AM
| #1 | ||
| Administrator  Join Date: Oct 2005 
Posts: 370
Rep Power: 10  |
As posted by Kier: vBulletin 3.6.4 The discovery of a potential cross-site scripting (XSS) issue in the administrators control panel has necessitated the preventative release of vBulletin 3.6.4 Due to several mitigating factors, this issue is hard to exploit and careful browsing by the admins can prevent it entirely. Nonetheless, we strongly recommend that all of our customers upgrade or apply the patch as soon as possible. Additionally, vBulletin 3.6.4 includes fixes for several non-security-related bugs, see here for a full list. Updating your vBulletin to combat the XSS issue: Please note that this issue is present in other versions of vBulletin as well. Please see the appropriate announcement! You have two options to fix the XSS issue:
We strongly recommend you actively take steps to address this issue. However, if this is not possible, we recommend that administrators only log into the control panel when work is necessary. While you are logged into the control panel, do not click unknown links. Log out from the control panel using the link in the upper right of the screen immediately after finishing your work. If you are unexpectedly presented with the control panel login screen after clicking a link, do not login. PHP and MySQL Requirements Please note that vBulletin 3.6.x requires at least PHP 4.3.3 and MySQL 4.0.16 or later. (Note: the template changes in 3.6.3 - 3.6.4 do not require an update of your vBE style. All 3.6.2 styles will work on 3.6.4, just remember to 'Ignore version' when uploading.  )
__________________ vBSEO: Better web rankings & more traffic for your vBulletin forum | ||
|  |
|
11-25-2006, 06:58 PM
| #2 | ||
| Junior Member Join Date: Nov 2005
Posts: 29
Rep Power: 0  | the updates are quick this time around. but at least it's staying secure
__________________ -= Brandon Sheley =- vBulletin Setup - Free Link Directory - Link Directory - Free Myspace Styles | ||
|
| |
|
| Thread Tools | |
| Display Modes | |
| |
Linear Mode
