#1378 Security: security vulnerabilities - Exponent CMS

Overview
Tickets more
Messages
Milestones more
2.7.2
Search

Type	To find
responsible:me	tickets assigned to you
tagged:"@high"	tickets tagged @high
milestone:next	tickets in the upcoming milestone
state:invalid	tickets with the state invalid
created:"last week"	tickets created last week
sort:number, importance, updated	tickets sorted by #, importance or updated
Combine keywords for powerful searching.
Use advanced searching »

#1378 new

Security: security vulnerabilities

Reported by dleffler | September 26th, 2016 @ 02:14 PM | in 2.4.0 (closed)

There have been a large number of security vulnerabilities reported in all past versions (v2.3.9 patch #1 and earlier). These include SQL injections, XSS, RCE, remote file execution, standard security permission compromise, etc... Due to the large number of reports, the fixes will likely require an early release of the next version (2.4.0) instead of a patch to v2.3.9. It will also make the previously supported v2.1.4 and v2.2.3 packages completely obsolete and not recommended for use.

Comments and changes to this ticket

Create new ticket

Create your profile

Help contribute to this project by taking a few moments to create your personal profile. Create your profile »

Bug Tracker for Exponent CMS

Shared Ticket Bins (Sort)

↓↑ drag 337 Open tickets
↓↑ drag 775 Resolved tickets
↓↑ drag 0 This week's tickets

People watching this ticket

expNinja

Exponentcms Exponent CMS → 2.4.0

Security: security vulnerabilities

Comments and changes to this ticket

Create your profile

Shared Ticket Bins (Sort)

People watching this ticket

Tags

Pages

Exponentcms Exponent CMS → 2.4.0

Keyword searching

Security: security vulnerabilities

Comments and changes to this ticket

Create your profile

Shared Ticket Bins (Sort)

People watching this ticket

Tags

Pages