Introduction

The Kunena team has announce the arrival of Kunena 5.1.2 [K 5.1.2] which is now available for download as a native Joomla extension for J! 3.8.x. This version addresses most of the issues that were discovered in K 5.1 and issues discovered during the development stages of K 5.1. This is a Security release.

The key distinctions of K 5.1.2 are:

  • Attachments vulnerability
  • 30+ bugs fixed
  • 30+ enchaments
  • Find the full changes: Here.

K 5.1.2 is available for download on the download page.



Changes


Attachments - High vulnerability

[20180715] - Core -

• Project: Kunena
• SubProject: Forum Core
• Severity: HIGH
• Versions: 5.0 through 5.1.1
• Exploit type: Full Privileges
• Reported by: Rich
• Reported Date: 2018-07-13
• Fixed Date: 2018-07-13
• Release Date: 2018-07-15
• Joomla VEL: Joomla Vel

Description:
Guests/Users can have full privileges on a users uploaded attachements.

Affected Installs

Kunena versions 5.0.0 through 5.1.1 (Kunena 5.1.2 is not affected)

Solution

Upgrade to version 5.1.2

Contact

This email address is being protected from spambots. You need JavaScript enabled to view it..


Donate

Kunena is open source and free to use. We love providing one of the best forum out there, and don't expect to be paid for it. That said, projects like this have costs involved such as hosting and licenses. If you feel you have benefited from Kunena, and are able to do so, we would love your contribution. If you don't have the money to donate, then don't use any adblocker on our website. This will help us with the advertisements.

Log in to comment

RN3ANT replied the topic: #1 4 months 2 weeks ago
Enough already of these new updates! You constantly "invent" some new obscure nonsense, which requires regular updates, updates, updates, updates, updates and updates.
With the fact that the existing forum still works through the ass!