It has come to our attention that due to the way some browsers interpret image tags a vulnerability exists which allows a malicious user to perform an XSS attack by forcing an "onerror" event in the snapback tag.
To update your board, simply download the attached ZIP file, unarchive it and upload 'sources/classes/bbcode/class_bbcode_core.php' over the one on your server. If you wish to patch your board manually, please read the second post in this announcement.
The main download has been updated as of the time of this announcement.
Note: IPB 2.2.0 (all versions) are NOT affected by this vulnerability.
You can find more here (scroll down!)
JimE
Full Version: Ipb 2.1.7 Security Update - Medium Priority
TotalChoice Hosting Family Forums > TotalChoice Hosting General Support > Security Discussions > Software/Scripts/Other Alerts
Thanks for the info, Jim. 
Thanks Jim
Thanks Jim
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.