Announcements

XenForo Resource Manager 1.2.3 is a maintenance release for our resource manager add-on. We recommend all customers running XenForo Resource Manager 1.2 upgrade to 1.2.3 to benefit from increased stability. This release fixes several bugs that were reported following the release of XenForo Resource Manager 1.2.2: Fix an issue where clicking the "Updated Resource File" label focuses the wrong input while adding a new version. Fix for an 'Undefined index error' in XenResource_Listener_Proxy_ControllerFindNew Implement URL canonicalization for the Resource Author view. Merge the resource_count field in the xf_user table when merging users. Replaced the now unsupported ReviewAggregate data-vocabulary.org structured data with schema.org...

Today, we are pleased to release XenForo 1.5.5. This release fixes a number of bugs and issues that were found since the release of 1.5.4. As this is a maintenance release, the vast majority of the focus was an increase in stability. Please note that we are now formally recommending that you upgrade to PHP 5.4 or newer. Our intention with XenForo 2.0 is to require PHP 5.4 or newer. If you are running PHP 5.3 or 5.2, you will receive a warning when installing or upgrading XenForo. Some of the bugs fixed in 1.5.5 include: Fix an issue where logging in via Facebook would immediately log you out again Prevent a database error when using the IP Board 4.0/4.1 importer with a IPB 4.1 database Resolve a timeout when dealing with long data...

XenForo Media Gallery 1.1.4 is a maintenance release for our media gallery add-on. We recommend all customers running XenForo Media Gallery to upgrade to 1.1.4 to benefit from increased stability. This release fixes several bugs that were reported following the release of XenForo Media Gallery 1.1.3: Tweak to attachment uploader styling Better support for RTL languages when tagging users in media Couple of small permission checks in templates Change so that the auto complete search for members in the move media dialog no longer takes into consideration a user's recent activity Change to the RSS feed to show thumbnails by default and remove the individual item descriptions (some readers would ignore the content in favour of the...

During routine internal testing, we discovered a security issue within XenForo 1.3 and newer. The issue allows a cross site scripting (XSS) attack to potentially be triggered via a specially crafted profile post. XSS issues may allow an attacker to steal data (including cookies) or force a user to take actions without their consent or knowledge (possibly including administrative actions). We strongly recommend all XenForo customers follow one of the steps below to resolve this issue. If you have any questions relating to installing this patch or upgrading to the new version, please post in the Upgrade Support forum. Method 1: Upgrade to the New Version (Recommended) You may upgrade to XenForo 1.5.4 (or any subsequent version) to fix...

During routine internal testing, we discovered a security issue within XenForo 1.3 and newer. The issue allows a cross site scripting (XSS) attack to potentially be triggered via a specially crafted profile post. XSS issues may allow an attacker to steal data (including cookies) or force a user to take actions without their consent or knowledge (possibly including administrative actions). We strongly recommend all XenForo customers follow one of the steps below to resolve this issue. If you have any questions relating to installing this patch or upgrading to the new version, please post in the Upgrade Support forum. Method 1: Upgrade to the New Version (Recommended) You may upgrade to XenForo 1.4.12 (or the latest version of 1.5) to...

During routine internal testing, we discovered a security issue within XenForo 1.3 and newer. The issue allows a cross site scripting (XSS) attack to potentially be triggered via a specially crafted profile post. XSS issues may allow an attacker to steal data (including cookies) or force a user to take actions without their consent or knowledge (possibly including administrative actions). We strongly recommend all XenForo customers follow one of the steps below to resolve this issue. If you have any questions relating to installing this patch or upgrading to the new version, please post in the Upgrade Support forum. Method 1: Upgrade to the New Version (Recommended) You may upgrade to XenForo 1.3.10 (or the latest versions of 1.4 or...

Today, we are pleased to release XenForo 1.5.3. This release fixes a number of bugs and issues that were found since the release of 1.5.2. As this is a maintenance release, the vast majority of the focus was an increase in stability. Please note that we are now formally recommending that you upgrade to PHP 5.4 or newer. Our intention with XenForo 2.0 is to require PHP 5.4 or newer. If you are running PHP 5.3 or 5.2, you will receive a warning when installing or upgrading XenForo. Add-on developers: there are some serialization compatibility changes in 1.5.3. Please see this thread for details as you may need to check your add-ons or make changes. Some of the bugs fixed in 1.5.3 include: Add beta importers for IPB 4.0/4.1 and phpBB...