The developers of the open source social networking platform Elgg have released versions 1.8.17 and 1.7.20 to address three critical security holes and several functionality issues.
One of the vulnerabilities is a reflected cross-site scripting (XSS) flaw that impacts Elgg 1.8 installations. Another bug could have been leveraged to access the contents of sensitive files via a specially crafted request.
The third security fix addresses the problem of cryptographic keys…
Comments are closed.
