Vanilla 2.8.3 is now available for download - Security patches.

nervoustwit

Get it right here: https://open.vanillaforums.com/addon/vanilla-core-2.8.3

Our Hacker One bounty campaign continues to bear fruit helping us to harden our code. In this release:

• Patching XSS vulnerabilities in the Rich Editor.
• Better permission checks on several endpoints.
• Stopping stored XSS attacks in the message alerts.

Please upgrade to the latest version of Vanilla as soon as possible. No other changes from 2.8.1 are in this version.