Main Menu
Our Sponsors
Chi Kien Uong
Geranienstraße 30
71034 Böblingen
Deutschland / Germany
If you are not registered or logged in, you may still use these forums but with limited features. Show recent topics
  [Search] Search   [Hottest Topics] Hottest Topics   [Members]  Member Listing   [FAQ]  FAQ 
[Register] Register /  [Login] Login 
Advanced Poll Exploits, Patched?  XML
Forum Index » Support Forum
Author Message
[Post New]16/12/2010 06:39:28
    Subject: Advanced Poll Exploits, Patched?
[Up]
kaylward
Newbie

Joined: 16/12/2010 06:30:48
Messages: 1
Offline
There's a current XSS vulnerability in Advanced Poll, unpatched in v 2.0.8
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2003

I'm assuming that's still valid. The work around would seem to be to remove that script.

More concerning is the host of exploits available on previous versions:

http://secunia.com/advisories/10068/
http://www.auditmypc.com/network-security/network-security-582006.asp

Have these all been addressed in 2.0.8?
[Post New]14/01/2011 22:29:21
    Subject:
[Up]
Webmaster
Site Admin
[Avatar]

Joined: 10/01/2002 23:32:17
Messages: 82
Offline
All XSS vulnerability and exploits are fixed in version 2.09
[Email] [WWW]
 
Forum Index » Support Forum
Go to:   
Based on the open source JForum