Patch files for 1.2 and 1.3 versions

See the posts above - it explains what the issue is. You can workaround it like XF.
 
Liam W said:
Question, Mike, what should add-on authors do to ensure addons aren't vulnerable, if they use XML files?

Liam
Click to expand...
Just use the same helpers that XenForo uses for processing all XML files.

Previously a new vanilla SimpleXML object used to be instantiated. Now, that is created through a helper which wraps around that and a Zend security function.
 
You must log in or register to reply here.

Similar threads

H
Not a bug Uploading unlicensed files and renewing the license does not add ads
Replies
2
Views
2K
htsumer
H
digitalpoint
Cloudflare optimizations for XenForo
7 8 9
Replies
175
Views
17K
digitalpoint
digitalpoint
Sonnie
XF 2 Looking for trustworthy tech to upgrade forum and add-ons.
Replies
9
Views
3K
Alpha1
Alpha1
Mr Lucky
Can security patch (edit only) be done on installations with expired licenses
Replies
5
Views
525
Mike
Mike
truonglv
Other XenForo App for both ios and android under developing
2 3
Replies
50
Views
14K
truonglv
truonglv
Top Bottom