- Jul 18, 2020
- 10,241
- 12,790
- 521
Offline
XenForo 2.2.1 is now available for all licensed customers to download. We strongly recommend that all customers running previous versions of XenForo 2.2 upgrade to this release to benefit from increased stability.
Most importantly, this release fixes two potential security vulnerabilities in XenForo.
The issues are XSS vulnerabilities. XSS (Cross Site Scripting) issues allow scripts and malicious HTML to be injected into the page, potentially allowing data theft or unauthenticated access.
XenForo extends thanks to security researcher Vincent ibn Winnie for reporting the issues.
We recommend doing a full upgrade to resolve the issues, but a patch can be applied manually. See below for further details.
Most importantly, this release fixes two potential security vulnerabilities in XenForo.
The issues are XSS vulnerabilities. XSS (Cross Site Scripting) issues allow scripts and malicious HTML to be injected into the page, potentially allowing data theft or unauthenticated access.
XenForo extends thanks to security researcher Vincent ibn Winnie for reporting the issues.
We recommend doing a full upgrade to resolve the issues, but a patch can be applied manually. See below for further details.
