Skip to content

MyAAC v0.8.26

Choose a tag to compare

View all tags
@slawkens slawkens released this 10 Jun 09:08
· 1 commit to 0.8 since this release
v0.8.26
c64b5e6

Probably one of the latest security updates for 0.8 series.
Upgrade to 1.x ASAP!

Fixed

  • Security: Fix some session vulnerabilities (7176584)
  • Don't trust cloudflare IP, can be spoofed (f5d986a)
  • Patch parseBBCode function from develop, fixing security issues + modify escapeHtml function to use UTF-8 encoding (591b793)
  • Fix: Open Redirect via redirect Parameter (e1f819e)
  • News: Do not cache if logged as admin, so it shows the admin buttons (0f1fd1c)
  • escapeHtml in 404.php (a251ccb)

Removed

  • Remove polls, may have sql injection (c76c95f)
Assets 4
Loading
0 Join discussion