Time to upgrade! Elgg posts some new security updates for their social networking CMS.

1 min read

Users of the social networking CMS, Elgg, should be aware of a new update that has been posted on the main website. Version 1.8.5 has been made available and resolves a number of outstanding issues including:

  • a security fix that prevents a potential XSS attack against users who click a specially crafted URL.
  • a fix that closes a loophole which allowed users to create a new account without requiring validation.
  • a third fix that addresses an access bug that could inadvertently reveal private entities to users who wouldn’t otherwise have access.

There are also a few minor bug fixes in this release:

  • For those networks that have enabled the Twitter API plugin, new users are forwarded to the correct page after creating an account with Twitter.
  • PDF files display in the browser instead of downloading directly to users computers.
  • Fixed some upgrade issues related to the system log.

Users of prior version should consider upgrading as soon as possible.

Have you read our Elgg Review? You should check it out if you are in the market for a social networking solution.

Previous article

Brightcove makes your CMS video friendly

Serious content marketers know how powerful a tool video is when capturing and holding the attention of site visitors. Brightcove is a solid choice for

WordPress refreshes their Plugin pages
Next article

WordPress refreshes their Plugin pages

Love them or hate them, WordPress plugins are a big part of what makes the CMS so versatile. From event management, social syndication, and contact


🎉 You've successfully subscribed to CMS Critic!