Today, we have reached the first part of that timeline and from this point forward we will no longer be providing support or updates for XenForo 1.5. XenForo 2.0 and any versions prior to XenForo 1.5 are already unsupported.
XenForo 1.5.24 is now available for all licensed customers to download. We recommend that all customers running previous versions of XenForo 1.5 upgrade to this release to benefit from increased stability.
No, you're not imagining it - we are doing another release, just a day after the release of 2.0.8.
XenForo 2.0.9 fixes a flaw that could potentially be exploited to create a cross-site scripting vulnerability. We recommend that all customers running XenForo 2.0 upgrade to 2.0.9 or use the attached patch file as soon as possible. Note that if you are applying the patch rather than doing a full...
Today, we are releasing XenForo 2.0.8 to address a potential security vulnerability. We recommend that all customers running XenForo 2.0 upgrade to 2.0.8 or use the attached patch file as soon as possible.
The issue is a XSS vulnerability. XSS (Cross Site Scripting) issues allow scripts and malicious HTML to be injected into the page, potentially allowing data theft or unauthenticated access.
Specifically, the issue relates to specially crafted text entered into messages and output using...