Codoforum 4.8.4 is released.
It includes a patched XSS vulnerability, it also fixes a few other issues:
[4.8.4]
- Fix bug showing duplicate users when users have multiple roles
- Fix bans not applying for uni login and sso plugins
- Fix mentions style and 404 avatars
- Fix for custom user fields
- Security fixes (Read below)
- Add manage freichat link
- Fix instant notifications
- Updated less compiler to 0.5.0
Read more about the XSS vulnerability here:
[link: stored-xss-vulnerability-in-codoforum ]
Since PHP 7.4 was released a few weeks ago, the next release will be targeted towards PHP 7.4 compatibility and a few more performance enhancements.
Codoforum 4.8.4 is released.
It includes a patched XSS vulnerability, it also fixes a few other issues:
[4.8.4]
- Fix bug showing duplicate users when users have multiple roles
- Fix bans not applying for uni login and sso plugins
- Fix mentions style and 404 avatars
- Fix for custom user fields
- Security fixes (Read below)
- Add manage freichat link
- Fix instant notifications
- Updated less compiler to 0.5.0
Read more about the XSS vulnerability here:
[link: [stored-xss-vulnerability-in-codoforum](https://medium.com/@prasanthc41m/cve-2020-5842-stored-xss-vulnerability-in-codoforum-4-8-3-b2e1133c6a91) ]
Since PHP 7.4 was released a few weeks ago, the next release will be targeted towards PHP 7.4 compatibility and a few more performance enhancements.
Necessity is the mother of all inventions!
edited Jan 14 '20 at 11:17 pm