Jump to content

Recommended Posts

Posted

Security Update: 7th February 2013

A cross-site-scripting (XSS) exploit has been discovered in IP.Gallery. We are releasing a security update for versions 4.2.x and 5.0.x today to patch this issue.

Instructions:
Patching is very easy;



  1. Identify the version of IP.Gallery you are running.
  2. Download and unzip the appropriate patch file below that matches your version.
  3. Upload the contents of the zip to your /public/js directory, overwriting the existing file.

IP.Gallery 4.2.x
Attached File ipg42_feb13.zip   831bytes  0 downloads

IP.Gallery 5.0.x
Attached File ipg5_feb13.zip   2.41K  2 downloads

Notes:

  • When you apply the security update the bulletin in your AdminCP will still display. We keep the bulletin in place for at least a week after a security release.
  • Our main software packages accessed via the client area have already been updated with this security update.

Our thanks to Mohamed Ramadan ( Attack-Secure.com / https://twitter.com/Attack_Secure ) for bringing this to our attention.



View the full article

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...