HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.
Search
-
Re: Vanilla 2.1.7 released
Just a little squeak not many people will notice and won't matter to hardly anyone... but the diff @Linc pointed to seems to include one change (library/database/class.database.php) that was already in the 2.1.6 zip (at least the one from github). I downloaded 2.1.6 and 2.1.7 from github and built my own diff and compared… -
Vanilla 2.1.7 released
This is a critical security upgrade for all forums. Download it now: http://vanillaforums.org/addon/vanilla-core-2.1.7 9 files changed. View the diff. Security: * Fix for CSRF potential in posting & editing discussions. * Fix for allowing unauthorized Format changes to discussions (possible XSS vector when combined with…
2 results