Get articles in your inbox!Subscribe

ExpressionEngine 1.7.1 Security Release available

Site Index

This site uses affiliate links as a means of monetization.

A new security release of ExpressionEngine CMS is available. Version 1.7.1 is now available for download and addresses a critical bug where each member’s settings for ‘Enable Avatar’ and ‘Enable Signatures’ were reset to ‘No’ when preferences were updated in the control panel’s General Configuration page.  The release also addresses a security issue where an SQL injection was at least theoretically possible.  There are no known cases of a successful exploit and such an attack could only be executed by someone with control panel access and access to the admin area with “Can administrate general preferences”.

You can learn more about this release on the ExpressionEngine blog.

CMS & Marketing / ExpressionEngine 1.7.1 Security Release availableLast updated on January 5, 2019
Save Your Favorite Articles!
Create an account and save articles

Site Index