Main Menu
Our Sponsors
Chi Kien Uong
Geranienstraße 30
71034 Böblingen
Deutschland / Germany
If you are not registered or logged in, you may still use these forums but with limited features. Show recent topics
  [Search] Search   [Hottest Topics] Hottest Topics   [Members]  Member Listing   [FAQ]  FAQ 
[Register] Register /  [Login] Login 
Messages posted by: kaylward
Forum Index » Profile for kaylward » Messages posted by kaylward
Author Message
Support Forum » Advanced Poll Exploits, Patched? » Go to message
There's a current XSS vulnerability in Advanced Poll, unpatched in v 2.0.8
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2003

I'm assuming that's still valid. The work around would seem to be to remove that script.

More concerning is the host of exploits available on previous versions:

http://secunia.com/advisories/10068/
http://www.auditmypc.com/network-security/network-security-582006.asp

Have these all been addressed in 2.0.8?
 
Forum Index » Profile for kaylward » Messages posted by kaylward
Go to:   
Based on the open source JForum