Skip to content
  • Home
  • Categories
  • Recent
  • Popular
  • World
  • Top
  • Tags
  • Users
  • Groups
  • Documentation
    • Home
    • Read API
    • Write API
    • Plugin Development
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor
  • Default (No Skin)
  • No Skin
Collapse
Brand Logo
v3.10.3 Latest
Buy Hosting
  1. Home
  2. NodeBB Development
  3. NodeBB 2.8.7 Security Update

NodeBB 2.8.7 Security Update

Scheduled Pinned Locked Moved NodeBB Development
security2.8.7
1 Posts 1 Posters 298 Views
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • barisB Offline
    barisB Offline
    <baris> NodeBB
    wrote on last edited by
    #1

    A bug in our message parsing code can result in remote code execution.

    Affected versions >=2.5.0 <2.8.7

    We have resolved this in the latest version of NodeBB(2.8.7), and the fix has already been rolled out as a patch on all of our hosted customers.

    The fix is included in the latest 2.8.7 release https://github.com/NodeBB/NodeBB/releases/tag/v2.8.7.

    If you are not able to upgrade to the latest release, you can also cherry-pick or apply this commit manually https://github.com/NodeBB/NodeBB/commit/ec58700f6dff8e5b4af1544f6205ec362b593092

    1 Reply Last reply
    2

    Copyright © 2024 NodeBB | Contributors
    • Login
    • Don't have an account? Register
    • Login or register to search.
    Powered by NodeBB Contributors
    • First post
      Last post
    0
    • Home
    • Categories
    • Recent
    • Popular
    • World
    • Top
    • Tags
    • Users
    • Groups
    • Documentation
      • Home
      • Read API
      • Write API
      • Plugin Development