Introduction
The Kunena team is proud to announce the arrival of Kunena 5.1.7 [K5.1.7] which is now available for download as a native Joomla extension for Joomla 3.9.x. This version addresses most of the issues that were discovered in K 5.1 and issues discovered during the development stages of K 5.1.7. This update fixes also 1 security issue.
We have Released K5.1.7 because of a High Security issue.
The key distinctions of K 5.1.7 are:
- 1 Security fix - High
- Find the full changes: Here.
Posting Topic - High vulnerability
[20181120] - Core - XSS Vulnerability
• Project: Kunena• SubProject: Forum
• Severity: HIGH
• Versions: 3.0 through 5.1.7
• Exploit type: XSS
• Reported by: Aleksandar Gligorijevic
• Reported Date: 2018-11-19 22:05
• Fixed Date: 2018-11-20 00:30
• Release Date: 2018-11-20
Description:
Override CSRF token checks lead to an XSS vulnerability..
Affected Installs
Kunena versions 3.0.0 through 5.1.6.1 (Kunena 5.1.7 is not affected)
Solution
Upgrade to version 5.1.7
Contact
Download
K 5.1.7 is available for download on the download page.