The Latest in IT Security

Security Patches Released for IP.Gallery 4.2.1 and 5.0.5

16
Jan
2014

Invision Power Services has released patches to address a cross-site scripting (XSS) vulnerability in IP.Gallery 4.2.1 and 5.05.

The XSS security hole is related to Shockwave Flash (SWF) file uploads.

Because SWF files allow arbitrary script to execute within the context of the site they are hosted on, we are releasing a patch today which disables SWF files from being accepted by IP.Gallery by default, the advisory published by IPS reveals.

Related posts:
  1. Security Patches Released for IP.Board 3.3.x and 3.4.x
  2. Django 1.6.3 Released to Address 3 Security Issues
  3. Giant ants are infesting the Saatchi Gallery
  4. Massive new security flaw is a big problem for Windows XP users
  5. Reflected XSS Vulnerability Patched in Cisco AsyncOS

Tags:  
Written by Softpedia
0 Comments
Comments are closed.

Categories

MONDAY, FEBRUARY 24, 2025
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments