
Vanilla SQL Injection

Found this, has it been addressed?

http://www.exploit-db.com/exploits/24927/

Answers

  • hgtonight ∞ · New Moderator

    I believe so.

    For more details, check out the latest security update.


  • vrijvlinder Papillon-Sauvage MVP

    Yes, that is why there is an update to 2.0.18.8. Please upgrade.

  • peregrine MVP
    edited April 2013

    Who reads announcements? They are almost as bad as reading documentation. :)

    But then again, the announcement doesn't explicitly say it relates to the same issue.


  • I read the announcement and I already updated. I was double checking it was the same issue.

  • H00j
    edited April 2013

    You can never be too safe.

  • It's not immediately obvious that the latest release fixes this issue. Can you clarify as a matter of urgency please @Todd?

  • Todd Chief Product Officer Vanilla Staff

    The latest security release addresses this issue, yes. We've been in contact with the firm that released this and they coordinated with us to get the security release out before they announced it.

    Very stand-up of them, I might add.

  • Thank you sir. Can you tell us which change was directed at this issue? I just want to be sure that no plugins expose the same vulnerability.

  • @50sQuiff said:
    Thank you sir. Can you tell us which change was directed at this issue? I just want to be sure that no plugins expose the same vulnerability.

    http://vanillaforums.org/discussion/comment/180288/#Comment_180288


  • Ah, sorry for the double post. There were some brief issues with the forum last night and I thought that comment had been lost.
