In association with heise online

26 December 2006, 00:19

Weak point closed in phpBB

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

The developers of phpBB have released version 2.0.22 of the forum software, which, in addition to making some cosmetic improvements, closes some security holes.

The new version of the software takes a closer look at the avatar upload directory and changes the criteria for bad redirection targets. The programmers have also closed a cross-site scripting hole in the display of private messages and sessions checks have been added to various forms.

The developers recommend that all users update their phpBB as quickly as possible. They also remind administrators to execute the database update script to complete the update.

See also


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit