Vanilla Released

This discussion is related to the Vanilla addon.
ToddTodd Chief Product Officer Vanilla Staff
edited March 2012 in Releases

This release fixes a security hole in Vanilla that can leave your forum open to XSS attacks. There are also a couple of other minor fixes included with this release. We strongly recommend updating to this version of Vanilla.


  • 2012-03-26 Partially fix #1330 by checking the format field on models.
  • 2011-09-28 Fixed canonical url in /categories/*.
  • 2012-03-16 Fixed canonical url bug when looking at a category.

If you are running Vanilla 2.0.18+ and want the files to fix the security hole you can do the following:

  1. Download Vanilla
  2. Replace the following files on your site:
    • applications/dashboard/locale/en-CA/definitions.php
    • library/core/class.validation.php
    • library/core/functions.validation.php


Sign In or Register to comment.