Users of the social networking CMS, Elgg, should be aware of a new update that has been posted on the main website. Version 1.8.5 has been made available and resolves a number of outstanding issues including:
<ul>
<li>a security fix that prevents a potential XSS attack against users who click a specially crafted URL.</li>
<li>a fix that closes a loophole which allowed users to create a new account without requiring validation.</li>
<li>a third fix that addresses an access bug that could inadvertently reveal private entities to users who wouldn’t otherwise have access.</li>
</ul>
There are also a few minor bug fixes in this release:
<ul>
<li>For those networks that have enabled the Twitter API plugin, new users are forwarded to the correct page after creating an account with Twitter.</li>
<li>PDF files display in the browser instead of downloading directly to users computers.</li>
<li>Fixed some upgrade issues related to the system log.</li>
</ul>
Users of prior version should consider upgrading as soon as possible.
Have you read our <a href="https://www.cmscritic.com/elgg-review/">Elgg Review</a>? You should check it out if you are in the market for a social networking solution.

Time to upgrade! Elgg posts some new security updates for their social networking CMS.

mike-johnston company logo

mike-johnston

mike-johnston Profile

Users of the social networking CMS, Elgg, should be aware of a new update that has been posted on the main website. Version 1.8.5 has been made available and resolves a number of outstanding issues including: 
 
a security fix that prevents a potential XSS attack against users who click a specially crafted URL.
a fix that closes a loophole which al...