Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Try Vanilla Forums Cloud product

Security Update: Vanilla

ToddTodd Chief Product Officer Vanilla Staff

We've released an important security update that should be applied immediately to anyone running 2.0.18.*. The new version can be found here.

Here is a summary of what we've done:

  • 2013-11-26 Use SafeRedirect() instead of Redirect() in the discussion controller.
  • 2013-11-26 Added TrustedDomains() and SafeRedirect().
  • 2013-11-26 Don't allow user id override on post.
  • 2013-08-25 Fix Flagging security flaw
  • 2013-08-25 Filter discussion title on categories/all
  • 2013-06-20 Comment notifications should only be sent to people with the "NewComment" preference set.
  • 2013-06-13 Twitter: Change api version to 1.1.
  • 2013-05-08 Tagging: Fix xss bug in tagging.
  • 2013-05-02 Do not add linebreaks twice on search.


Sign In or Register to comment.