Update! Website updated to 1.4.8

Status
Not open for further replies.
title_logo.png

Today, we are upgrading to XenForo 1.4.8. This release addresses two potential security vulnerabilities and fixes a number of bugs found since the release of 1.4.7.

The two security issues are XSS vulnerabilities. XSS (Cross Site Scripting) issues allow scripts and malicious HTML to be injected into the page, potentially allowing data theft or unauthenticated access. In the notices system, the name token was not escaped as expected. This could allow specially crafted requests to trigger an XSS for guests (or for a registered user to trigger an XSS on themselves). In the filter list system in the admin control panel, dynamic highlighting when filtering did not escape output properly, potentially triggering an XSS against the user viewing the page.

In addition, some of the bugs fixed in 1.4.8 include:
  • Improved performance in the rich text editor.
  • Fixed trophies not being awarded at session creation as expected.
  • Fix certain cases where the image proxy would unexpectedly fail to detect a valid image.
  • Support downloading attachments with UTF-8 file names in IE.
  • Ensure a more correct following count is shown when viewing a member's profile in some cases.
  • Throw an error when sending a warning and only one of the conversation title or message box has been completed.
  • Fix an incorrect permission check over viewing the moderator actions taken against a thread.
  • Fix incorrect logic relating to the DNSBL cache used at registration.
  • Prune drafts hourly rather than daily.
  • Fix a situation where the spam cleaner would not remove replies by a spammer to their own thread.
  • Ensure that there is no default text decoration on <abbr> tags in Firefox.
  • Use a new "simple" BB code formatter when creating snippets for RSS feeds to prevent unexpected code from running.
  • Update the bundled version of jQuery Migrate to 1.2.1.
  • Copying from the template preview in template modifications did not maintain line breaks in Firefox.
  • Fix an issue importing older attachments from SMF.
  • Fix an issue where the vBulletin importer could infinitely loop.
 
Last edited:
  • Like
Reactions: 8 people
Click to expand...
S

Steph

Sep 15, 2013
2,730
814
113
Steph_JeWeet
Alfred said:
When I approve a request of someone to join an usergroup in the moderation queue, it keeps appearing after I've approved it, is this fixed or wasn't it noticed yet?
Click to expand...

That's what I mean as well with my post Alfrediooo!!!

i love nigga dick
 
Last edited by a moderator:
Alfred

Alfred

Retired Admin
May 18, 2013
4,404
1,256
113
Alfred_Drayton
Steph said:
That's what I mean as well with my post Alfrediooo!!!
Click to expand...
You were talking about a thread not moving and I was talking about approving an usergroup request, but it's probably related to each other, BUT THANKS STEPHIEEEE
 
Bro

Bro

Snitch
May 23, 2015
372
70
28
TITE_AQUINO
Hehehehe nice1.. Now ROAD TO SYNC SHOOT .. And please remove the inactive admins add some more moderators its gonna be Fun.
 
HankS

HankS

Old-School 2014
Jun 29, 2014
4,782
1,612
113
Marcus_W™ said:
Hehehehe nice1.. Now ROAD TO SYNC SHOOT .. And please remove the inactive admins add some more moderators its gonna be Fun.
Click to expand...
#RoadToSync Supported, mate! We're still waiting for that storm of updates that barney said he'll unleash... Couple of weeks have gone by, and yet no sync.
 
dallaz

dallaz

Jul 18, 2014
3,366
1,332
113
Dallas_Slash
I wasn't able to open forums but now it seems good.

Tapatalk dwara bheja gaya sandesh mere HTC M8 se.
 
Viresh

Viresh

Apr 15, 2013
3,740
2,174
113
Viresh_Ramcharan
where is the promised server update

nobody waited for a forum update lmao, this is a xenforo copy paste.. (dont get me wrong though, I love optimalising the forums.. but cmon)
 
Last edited by a moderator:
  • Like
Reactions: 3 people
Status
Not open for further replies.
Top Bottom