|
Who's Online |
|
We have 1 guest and 0 members online
You are an anonymous user. You can register for free by clicking here
|
|
|
|
|
|
|
|
cheap softwarediscount software |
|
|
|
|
|
|
|
The Postnuke development team has been made aware of a possible exploit derived of the unrestricted use of some html/js parameters, in light of this the Security response team has enhanced the security layer (pnSecureInput) in order to protect from this situations to become a real threat for our sites.
It is recommended that you install this ASAP.
Please read on...
In order to apply this patch you need to be currently using PostNuke phoenix either 0.7.2.2 if you do not, please upgrade to 0.7.2.2 and then apply the fix.
In order to apply the fix, replace your current pnAPI.php file with the one included in the fix.
the location of your pnAPI.php file is /includes/pnAPI.php so just overwrite it with the new one and please, and I can not stress this enough go to your settings area and enable the pnAntiCracker option ASAP.
Soon we will update the current packages to include this fix. In the mean time please apply this patch.
The fix can be obtained here: http://developers.postnuke.com/modules.php?op=modload&name=Downloads&file=index&req=viewsdownload&sid=6
This is a temporary patch until we can create the security rules module which will hold the security rules and will allow easier and faster updates on line without the need of replacing code, this new fix may block some urls from displaying at this time in articles or other areas of the portal but its better now to close the gap and then fine tune it.
Thanks in advanced
|
| |
|
New Security Patch for [Phoenix branch] | Login/Create an account | 0 Comments |
| Comments are owned by the poster. We aren't responsible for their content. |
|
|
|