1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
  2. [ NEW MEMBER UPGRADE ] How to upgrade your account to download resources Please check this VIP and SVIP.

  3. [ Forum Rules & Guidelines ] Don't Forget to read Forum Rules & Guidelines  Learn More.

  4. XenForo Installation And Customization Service Click Here

Hello Guest ! you are trying to download premium addon / style that may only be accessed by VIP member only! You need to upgrade VIP Member! Please check this VIP and SVIP.
NOTE: In the Forum's We Do Not Distribute SVIP and VIP Resources In Useless .. We Also Want for Less Money To Purchase Content. Thanks ..

VIP Security Patches Released for IP.Gallery 4.2.1 and 5.0.5

Security Patches Released for IP.Gallery 4.2.1 and 5.0.5

  1. Beyond
    Invision Power Services has released patches to address a cross-site scripting (XSS) vulnerability in IP.Gallery 4.2.1 and 5.05.

    The XSS security hole is related to Shockwave Flash (SWF) file uploads.

    “Because SWF files allow arbitrary script to execute within the context of the site they are hosted on, we are releasing a patch today which disables SWF files from being accepted by IP.Gallery by default,” the advisory published by IPS reveals.

    Users who still want to allow SWF files can follow the instructions provided by the company. However, unless only trusted users are allowed to submit files to the IP.Gallery installation, IPS advises against doing so.

    IPS Community and Cloud customers who are running a recent version of the IP.Board add-on don’t have to take any action. The patches are available on the IPS Community forum.

    You can download IP.Gallery from Softpedia’s Scripts section.