Hi, everyone. I found a security bug in the 2.1.9, which also exists in androwson 2.4.1 but not exists in this site. Who should I report this bug to? I look at the site jforum.net, but did't find any valid e-mail. thank you.
ok. I realised that this is not a good manner to communicate, and I came to modify the post, but maybe there is not function of thread modification. see the 'purple mooseage'.
I have made a touch with the commiter, and this thread should be modified or deleted. Please the moderator help to deal with this thread. Thank you. I can't find means to contact you.
I have just checked in a fix for this, so it's available to anyone building JForum from source, and it will be part of the next regular release.
I think this topic can remain, if for no other reason than to remind people that the 2.1.9 version is not safe, and that they should switch to 2.4.1 at the least.
I'm sure glad that he's gone. Now I can read this tiny ad in peace!
Gift giving made easy with the permaculture playing cards