If you are not registered or logged in, you may still use these forums but with limited features. Show recent topics
  [Search] Search   [Hottest Topics] Hottest Topics   [Members]  Member Listing   [FAQ]  FAQ 
[Register] Register / 
[Login] Login 
Advanced Poll Exploits, Patched?  XML
Forum Index » Support Forum
Author Message
kaylward
Newbie

Joined: 16/12/2010 06:30:48
Messages: 1
Offline

There's a current XSS vulnerability in Advanced Poll, unpatched in v 2.0.8
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2003

I'm assuming that's still valid. The work around would seem to be to remove that script.

More concerning is the host of exploits available on previous versions:

http://secunia.com/advisories/10068/
http://www.auditmypc.com/network-security/network-security-582006.asp

Have these all been addressed in 2.0.8?
Webmaster
Site Admin
[Avatar]

Joined: 10/01/2002 23:32:17
Messages: 82
Offline

All XSS vulnerability and exploits are fixed in version 2.09
[Email] [WWW]
 
Forum Index » Support Forum
Go to:   
Based on the open source JForum