XenForo Announcements

XenForo Media Gallery 1.1.0 Beta 2 has been released to all customers with active Media Gallery licenses. This release fixes a number of bugs that were discovered since the release of 1.1.0 Beta 1. If you are currently running 1.1.0 Beta 1, we strongly recommend you upgrade to this release. However, as before, we do not recommend you run beta software in production. Security fixes from XenForo Media Gallery 1.0.9 and earlier have been included in this release. The new features in Media Gallery 1.1 have been shown in the Have You Seen...? forum. XenForo Media Gallery 1.1 requires XenForo 1.5.0 Beta 3 or later. Customers with the appropriate license may download XenForo Media Gallery via their customer area. This is beta software. It...

We have recently become aware of a security issue within XenForo and have released a patch and new version (XenForo 1.4.10) to resolve this issue. We strongly recommend all XenForo customers follow the steps below to resolve this issue. The issue is a cross site scripting (XSS) flaw that could allow an attacker to steal cookies or force a user to take actions without their consent or knowledge (possibly including administrative actions). If you have any questions relating to installing this patch or upgrading to the new version, please post in the Upgrade Support forum. Method 1: Upgrade to the New Version You may upgrade to XenForo 1.4.10 to fix this issue. You should upgrade as you would to any other release. Customers with an...

We have recently become aware of a security issue within XenForo Media Gallery and have released a patch and new version (XenForo Media Gallery 1.0.9) to resolve this issue. We strongly recommend all XenForo Media Gallery customers follow the steps below to resolve this issue. The issue is a cross site scripting (XSS) flaw that could allow an attacker to steal cookies or force a user to take actions without their consent or knowledge (possibly including administrative actions). We would like to thank @batpool52! for bringing this to our attention. If you have any questions relating to installing this patch or upgrading to the new version, please post in the Media Gallery Support forum. Method 1: Upgrade to the New Version The...

We have recently become aware of a security issue within XenForo and have released a patch and new version (XenForo 1.3.8) to resolve this issue. We strongly recommend all XenForo customers follow the steps below to resolve this issue. The issue is a cross site scripting (XSS) flaw that could allow an attacker to steal cookies or force a user to take actions without their consent or knowledge (possibly including administrative actions). If you have any questions relating to installing this patch or upgrading to the new version, please post in the Upgrade Support forum. Method 1: Upgrade to the New Version You may upgrade to XenForo 1.3.8 to fix this issue. You should upgrade as you would to any other release. Customers with an...

We have recently become aware of a security issue within XenForo and have released a patch and new version (XenForo 1.2.9) to resolve this issue. We strongly recommend all XenForo customers follow the steps below to resolve this issue. The issue is a cross site scripting (XSS) flaw that could allow an attacker to steal cookies or force a user to take actions without their consent or knowledge (possibly including administrative actions). If you have any questions relating to installing this patch or upgrading to the new version, please post in the Upgrade Support forum. Method 1: Upgrade to the New Version You may upgrade to XenForo 1.2.9 to fix this issue. You should upgrade as you would to any other release. Customers with an...

We have recently become aware of a security issue relating to a third-party library included with XenForo Media Gallery and have released a patch to resolve this issue. The issue is a cross site scripting (XSS) flaw that could allow an attacker to steal cookies or force a user to take actions without their consent or knowledge (possibly including administrative actions). We recommend all XenForo Media Gallery customers use one of the methods described below to resolve this issue and improve their security. We would like to thank @batpool52! for bringing this to our attention. If you have any questions regarding this patch, please post in the Media Gallery Support forum. Method 1: Install the Patch Download the patch zip file...

Today, we are pleased to release XenForo 1.4.9. This release fixes a number of bugs and issues that were found since the release of 1.4.8. As this is a maintenance release, the vast majority of the focus was an increase in stability. Please note that we are now formally recommending that you upgrade to PHP 5.4 or newer. Our intention with XenForo 2.0 is to require PHP 5.4 or newer. If you are running PHP 5.3 or 5.2, you will receive a warning when installing or upgrading XenForo. Some of the bugs fixed in 1.4.9 include: Make changes to support version 2.4 of the Facebook API. This fixes problems registering via Facebook with newly created Facebook apps. Make the contact page trigger a redirect if it is not loaded in an overlay. If it...