Announcements

We are happy to announce that XenForo 1.5.0 Beta 1 is now available to all customers with active licenses. XenForo 1.5 includes a number of new features, such as two-step verification, content tagging, floating notices, a responsive admin control panel and more. You can see the full list of new features in the Have You Seen...? forum. This is beta software. It is not officially supported. We do not recommend running it in production. Please remember that this is beta software. It contains known bugs and incomplete functionality. We do not recommend running beta software in a production environment, and support is limited at this time to questions here on the community forums. Add-ons and custom styles may be broken after upgrading to...

XenForo Resource Manager 1.2.0 Beta 2 has been released to all customers with active Resource Manager licenses. This release fixes a number of bugs that were discovered since the release of 1.2.0 Beta 1. If you are currently running 1.2.0 Beta 1, we strongly recommend you upgrade to this release. However, as before, we do not recommend you run beta software in production. The new features in Resource Manager 1.2 have been shown in the Have You Seen...? forum. XenForo Resource Manager 1.2 requires XenForo 1.5.0 Beta 3 or later. Customers with the appropriate license may download XenForo Resource Manager via their customer area. This is beta software. It is not officially supported. We do not recommend running it in production...

Today, we are releasing XenForo 1.4.8. This release addresses two potential security vulnerabilities and fixes a number of bugs found since the release of 1.4.7. We recommend that all customers running XenForo 1.4 upgrade to 1.4.8 or use the attached patch file as soon as possible. The two security issues are XSS vulnerabilities. XSS (Cross Site Scripting) issues allow scripts and malicious HTML to be injected into the page, potentially allowing data theft or unauthenticated access. In the notices system, the name token was not escaped as expected. This could allow specially crafted requests to trigger an XSS for guests (or for a registered user to trigger an XSS on themselves). In the filter list system in the admin control panel...

Today, we are releasing XenForo 1.3.7 to address two potential security vulnerabilities. We recommend that all customers running XenForo 1.3 upgrade to 1.3.7 or use the attached patch file as soon as possible. The two issues are XSS vulnerabilities. XSS (Cross Site Scripting) issues allow scripts and malicious HTML to be injected into the page, potentially allowing data theft or unauthenticated access. In the notices system, the name token was not escaped as expected. This could allow specially crafted requests to trigger an XSS for guests (or for a registered user to trigger an XSS on themselves). In the filter list system in the admin control panel, dynamic highlighting when filtering did not escape output properly, potentially...

Today, we are releasing XenForo 1.2.8 to address two potential security vulnerabilities. We recommend that all customers running XenForo 1.2 or earlier upgrade to 1.2.8 or use the attached patch file as soon as possible. The two issues are XSS vulnerabilities. XSS (Cross Site Scripting) issues allow scripts and malicious HTML to be injected into the page, potentially allowing data theft or unauthenticated access. In the notices system, the name token was not escaped as expected. This could allow specially crafted requests to trigger an XSS for guests (or for a registered user to trigger an XSS on themselves). In the filter list system in the admin control panel, dynamic highlighting when filtering did not escape output properly...

XenForo Media Gallery 1.0.6 is a maintenance release for our media gallery add-on. We recommend all customers running XenForo Media Gallery to upgrade to 1.0.6 to benefit from increased stability. This release fixes several bugs that were reported following the release of XenForo Media Gallery 1.0.5: Provide more detailed error messages when trying to access deleted gallery content. Display a suitable error if content has no valid IP addresses logged. Ensure guests can view category based media and other media they have permission to see in New Media. Catch various exceptions that could be thrown when rebuilding watermarks on images. Restrict imported media titles to the max length set in Gallery Options. Fetch thumbnails for YouTube...

XenForo Media Gallery 1.0.5 is a maintenance release for our media gallery add-on. We recommend all customers running XenForo Media Gallery to upgrade to 1.0.5 to benefit from increased stability. This release fixes several bugs that were reported following the release of XenForo Media Gallery 1.0.4: Improved caching of permission based template params in templates. Some small fixes and improvements to inline moderation including the display of the "Selected Items" on all relevant pages. No longer show banned users in various blocks, such as Recent Comments, Top Contributors and Recent Albums. Highlight the correct "order" tabs when viewing albums shared with you Changes to no longer count media in various places that are located in...