• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

XF 1.4 help

#1
hello,
I ask because I support a flaw xss Stored and I do not know how to simply remove. the guy but recovered logs and
Can you help me
 

Brogan

XenForo moderator
Staff member
#4
If you are saying your server has been compromised, you will need to identify how they gained access and take steps to prevent it happening again.

You will then need to remove any relates files or malware.

The server logs can be inspected to see if there is any record of who accessed the server, etc.
 

Mike

XenForo developer
Staff member
#6
Without any knowledge of what the issue is specifically, where it is, etc, there isn't any way that we can really comment on what to do.
 

Mike

XenForo developer
Staff member
#10
But you haven't explained where the XSS is. We can't give you any sort of explanation without specifics of what you're trying to report.
 

Mike

XenForo developer
Staff member
#12
What led you to believe there's a stored XSS then exactly?

If you don't know where it is, then it isn't really possible to fix. At best, you could remove everything and start again, but you may leave the same hole open next time, so that isn't very useful. (There aren't any known XSS issues in the current releases of XenForo and all of our official add-ons; as usual, I couldn't say whether there are issues in third party add-ons.)