CMS Critic Logo
  • Articles
  • Products
  • Critics
  • Programs
Login Person Icon

ExpressionEngine 1.7.1 Security Release available

Home
Articles
Products
Likes

ExpressionEngine 1.7.1 Security Release available

mike-johnston Profile
Mike Johnston
1 min

A new security release of ExpressionEngine CMS is available. Version 1.7.1 is now available for download and addresses a critical bug where each member’s settings for ‘Enable Avatar’ and ‘Enable Signatures’ were reset to ‘No’ when preferences were updated in the control panel’s General Configuration page.  The release also addresses a security issue where an SQL injection was at least theoretically possible.  There are no known cases of a successful exploit and such an attack could only be executed by someone with control panel access and access to the admin area with “Can administrate general preferences”.

You can learn more about this release on the ExpressionEngine blog.

CMS Critic Logo
  • Programs
  • Critics
  • About
  • Contact Us
  • Privacy
  • Disclaimer

©2025 CMS Critic. All rights reserved.