CMS Critic Logo
  • Articles
  • Products
  • Critics
  • Programs
Login Person Icon

Elgg 1.7.3 and 1.6.3 security releases

Home
Articles
Products
Likes

Elgg 1.7.3 and 1.6.3 security releases

mike-johnston Profile
Mike Johnston
1 min

Georg-Christian Pranschke from http://www.sensepost.com/ discovered a vulnerability in Elgg that could potentially allow SQL injection attacks using crafted URLs or POSTs. Versions 1.7.3 and 1.6.3 correct this and are highly recommended for all Elgg users.

1.7.3 also includes additional bugfixes for problems found in 1.7.2:

  • Entering an invalid captcha now forwards to the referring page instead of the front page.
  • “Edit details” and “Edit profile icon” only show up on user's own profile.
  • get_objects_in_group() works correctly.
  • Legacy wrapper functions correctly support multiple owner guids.

To maintain the security of your network and its users, all Elgg installations should be upgraded immediately.

You can download the latest releases from their website: Elgg CMS

CMS Critic Logo
  • Programs
  • Critics
  • About
  • Contact Us
  • Privacy
  • Disclaimer

©2025 CMS Critic. All rights reserved.