Warning to All Users: Upgrade your Elgg Network to the Latest Version Now

Written by Rodolfo Hernandez Tuesday, 29 January 2013

If you are using elgg 1.7.x or elgg 1.8.x you must upgrade now to the latest elgg version immediately. A new security threat has been discovered and fixed, and I will explain the details about this threat in this article and the solution for it

All elgg versions are now facing the threat of an XSS attack via the Twitter widget, which comes pre-installed in all elgg versions. An XSS attack (Cross-Site Scripting Attack) is one of the top 5 security attacks carried out on a daily basis. An XSS attack could steal sensitive information or store harmful data in our servers.

To prevent this type of attack and any damage to our servers, all elgg users must upgrade to the latest elgg versions available, which are elgg 1.7.17 (for elgg 1.7.x users) and elgg 1.8.13 (for elgg 1.8.x users)

To get the new versions, go here:

http://elgg.org/download.php

Details on how to manually upgrade elgg version:

http://docs.elgg.org/wiki/Upgrading_Elgg

Note: Elgg 1.8.13 will be available soon in Softaculous

This concludes Warning: Upgrade your elgg Network to Latest Version Now

Looking for quality Elgg Hosting? Look no further than Arvixe Web Hosting!

Happy Hosting!

Rodolfo Hernandez