Introduction
The Kunena team has announce the arrival of Kunena 5.1.2 [K 5.1.2] which is now available for download as a native Joomla extension for J! 3.8.x. This version addresses most of the issues that were discovered in K 5.1 and issues discovered during the development stages of K 5.1. This is a Security release.
The key distinctions of K 5.1.2 are:
- Attachments vulnerability
- 30+ bugs fixed
- 30+ enchaments
- Find the full changes: Here.
K 5.1.2 is available for download on the download page.
Changes
Attachments - High vulnerability
[20180715] - Core -
• Project: Kunena• SubProject: Forum Core
• Severity: HIGH
• Versions: 5.0 through 5.1.1
• Exploit type: Full Privileges
• Reported by: Rich
• Reported Date: 2018-07-13
• Fixed Date: 2018-07-13
• Release Date: 2018-07-15
• Joomla VEL: Joomla Vel
Description:
Guests/Users can have full privileges on a users uploaded attachements.
Affected Installs
Kunena versions 5.0.0 through 5.1.1 (Kunena 5.1.2 is not affected)
Solution
Upgrade to version 5.1.2
Contact
Donate
Kunena is open source and free to use. We love providing one of the best forum out there, and don't expect to be paid for it. That said, projects like this have costs involved such as hosting and licenses. If you feel you have benefited from Kunena, and are able to do so, we would love your contribution. If you don't have the money to donate, then don't use any adblocker on our website. This will help us with the advertisements.