Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In with Google Sign In with OpenID

Elefant 1.0.2 and 1.1.5 security updates released

edited February 2012 in Announcements

I just posted two new security update releases, 1.0.2-Stable and 1.1.5-Beta. Here's a summary of the fixes:

  • Fixed a potential XSS security hole in page add/edit previews
  • Secured lib/Model from a possible source of SQL injection.

You can download the latest updates here:

http://www.elefantcms.com/download

The official changelog is here:

http://www.elefantcms.com/wiki/Changelog

This update affects two files:

  • lib/Model.php
  • apps/admin/handlers/preview.php
Sign In or Register to comment.