• *** IMPORTANT NOTICE ***
    10 Post Exclusive Unlimited Resources Download.
XenForo 2.0.3 Release Nulled

XenForo 2.0.3 Release Nulled 2.0.3

No permission to download
Most importantly, this release contains a fix for the security issue that we were informed about. The problem was not found in the XF code itself, but instead the file we previously included in XF 1.5.x in the Video JS library. This problem is known as "authentication phishing", which includes publishing a specially crafted URL specified in the SWF Video JS file. This specially crafted URL, when clicked or inserted into a page, can contain another URL that returns a 401 response and displays an authentication prompt. This authentication prompt can deceive less experienced users by assuming that it is your site that is requesting authentication when in fact the entered authentication data can be sent to an attacker.

This problem can potentially affect users of XenForo 2.0 if you have previously updated with XenForo 1.5. The reason for this is that the damaged file will be left in your file system after the update, unless you have taken steps to manually or automatically clean up old files. To solve this problem in both XF 1.5 and XF 2.0, we include a file with a null byte that will overwrite the problem file.

We recommend that all clients update to the latest version of XF 1.5 or XF 2.0, but if you can not do this, you can simply delete the file that is in: js / videojs / video-js.swf.

As a side note, potentially there is another exploit in some versions of the browser that is similar. This is associated with a URL pointing to a resource, for example, an image that returns a 401 response. This is an exploit that is fixed by most browser providers. Currently, it is fixed in the latest stable release of Chrome and the upcoming versions of Safari and Firefox. If you are concerned about such an exploit, please tell your users that:
  • a) they must use the latest available version of their preferred browser
  • b) that the login data must be provided only through the login form of your site.
Supplement XenForo Importers

We have made an important change in the way we will produce XenForo importers in the future. Instead of sending files with XenForo itself, importers will be installed as a separate add-on. One reason for this change is that we can provide more frequent updates to the importers code as needed, without waiting for the usual XF release cycle.

Currently available importers are vBulletin (versions 3.x, 4.x, 5.x and add-ons to blogs), but we are actively working on the release of more importers in the near future.

XenForo 2.1

We are moving very well towards XenForo 2.1, and although we do not have anything to show you, we have plans to increase the minimum requirements in XenForo 2.1 so that we can bring you quite pleasant changes. ;)You can remember that in XenForo 2.0.2 we started collect statistics on the server, and it really was very useful, so thank you to everyone who agreed to provide this information. We wanted to share some statistics using PHP versions:
  • PHP 5.4: 6%
  • PHP 5.5: 4%
  • PHP 5.6: 34%
  • PHP 7.0: 23%
  • PHP 7.1: 23%
  • PHP 7.2: 10%
Perhaps there are not many surprises here, but this shows that 90% of our customers who currently use XF 2.0.2 use the version of PHP that is version 5.6 and higher. Thus, XenForo 2.1 will require a minimum of PHP 5.6. If now 10% that currently use PHP 5.4 or PHP 5.5, we strongly recommend that you update them as soon as possible. Of course, we recommend using PHP 7.2+ wherever practicable. If you plan to go to XenForo 2.1 with XenForo 1.5, then in this case, please specify the requirements for the PHP version in your upgrade plans.

If you are using version 5.6 of PHP, you will receive a warning when installing or upgrading XenForo.

We have pretty big plans for XenForo 2.1, and we're working on it a lot, so expect interesting news about this in the coming months.
Author
Onidra
Downloads
0
First release
Last update
Rating
0.00 star(s) 0 ratings

More resources from Onidra

About Us

10 Post Exclusive Unlimited Resources Download
10 Post Exclusive Unlimited Resources Download
10 Post Exclusive Unlimited Resources Download
10 Post Exclusive Unlimited Resources Download

Invision Community

Top