No, you're not imagining it - we are doing another release, just a day after the release of 2.0.8.
XenForo 2.0.9 fixes a flaw that could potentially be exploited to create a cross-site scripting vulnerability. We recommend that all customers running XenForo 2.0 upgrade to 2.0.9 or use the attached patch file as soon as possible. Note that if you are applying the patch rather than doing a full upgrade to 2.0.9, you will need to apply...
Today, we are releasing XenForo 2.0.8 to address a potential security vulnerability. We recommend that all customers running XenForo 2.0 upgrade to 2.0.8 or use the attached patch file as soon as possible.
The issue is a XSS vulnerability. XSS (Cross Site Scripting) issues allow scripts and malicious HTML to be injected into the page, potentially allowing data theft or unauthenticated access.
Specifically, the issue relates to specially crafted text entered into messages and output using the structured text system (used in profile posts and comments).
Hot on the heels of our previous GDPR centric releases, today we're pleased to announce the release of XenForo 1.5.21 and XenForo 2.0.7 which aims to resolve some issues found since the release of the previous versions, and include a few further tweaks to enhance GDPR compliance on your forum.
See our previous release announcement for details of how we can help you comply with the new GDPR regulations.
A summary of the changes in this release are as follows:
Today we are releasing both XenForo 1.5.20 Beta 2 and XenForo 2.0.6 Beta 2 which resolves a small number of issues that have been reported to us since the release of Beta 1 which introduced some new functionality to aid compliance with the GDPR.