Oh no! Where's the JavaScript?
Your Web browser does not have JavaScript enabled or does not support JavaScript. Please enable JavaScript on your Web browser to properly view this Web site, or upgrade to a Web browser that does support JavaScript.

Low level XSS Fix (v6.01.11)

  1. Home
  2. News
  3. Security
  4. Low level XSS Fix (v6.01.11)
Low level XSS Fix (v6.01.11)
Updated 15 July 2007: The update mentioned below caused the lost password function to fail. This has now been corrected, the fixed lostpassword.php can be found in the 6.01.11 upgrade package.

Original news:
A secunia advisory has brought to my attention an XSS in the FUSION_QUERY string. In order to fix this I have opted to use some v7 code. All users are strongly encouraged to keep their setups as up-to-date as possible, stop slacking! (Joke).

Existing v6.01.10 users can download the file '6.01.11 Update for v6.01.10 and simply upload the inluded files and click upgrade under System Admin. The full sourceforge package has also been updated. Manual updaters can find the fix details in the CVS.

PHPFusion 6.01.11 Update FOR V6.01.10 ONLY (6Kb).
PHPFusion 6.01.11 (2.04Mb).

Falk July 06 2007 44,932
News Categories
Popular News
PHPFusion 9.0 Beta
PHPFusion 9.0 BetaOctober 03 2014 | Downloads
134942
Tesseract, Progress Report
Tesseract, Progress ReportApril 26 2014 | Development & Design
83614
Welcome Back
Welcome BackMarch 24 2006 | PHPFusion
79593
PHPFusion 9.0 ( Andromeda ) Stable
PHPFusion 9.0 ( Andromeda ) StableApril 27 2017 | PHPFusion
67114
Critical update - v6.00.305
Critical update - v6.00.305March 12 2006 | PHPFusion
66218
PHPFusion v7.02.06
PHPFusion v7.02.06January 27 2013 | Downloads
54154