Re: XenForo 1.5.x Unauthenticated Remote Code Injection

Posted by Julien Ahrens on Dec 16

This issue does not seem to exist at all.

Among the available versions/updates for XenForo there is no version
1.5.11a as stated in this advisory. After contacting XenForo about this
advisory and the corresponding update, they told me that they are
neither aware of this vulnerability nor about the reporter.

Best Regards
Julien

Leave a Reply