During internal testing, we discovered a security issue within XenForo. The issue is known as a server-side request forgery (SSRF). This could allow an attacker to use your server to bypass your server's firewall and make internal requests. Depending on the services found, this could lead to privilege escalation or remote code execution.
This is a potentially serious issue and we strongly recommend all customers running XenForo 1.4 or older follow one of the below methods to fix this...
XenForo 1.4.13 Released (Security Fix)
Continue reading...
This is a potentially serious issue and we strongly recommend all customers running XenForo 1.4 or older follow one of the below methods to fix this...
XenForo 1.4.13 Released (Security Fix)
Continue reading...
