Blogs & News

Our latest blogs and announcements

Ark 2.6.9 - Ark Editor Security Announcement

Immediate upgrade to Ark 2.6.9

Download:

 Free Paid
 

NOTE: For more info on how to upgrade, please see: http://arkextensions.com/documentation/ark-editor/156-upgrading

High Risk XSS
vulnerability caused by Missing ACL checks in inline-editing save plugins. User can be unauthorised

Medium Risk
SQL Injection vulnerability caused by incomplete data sanitation. User must be logged-in with Ark Editor component editing privileges.

Low Risk
X6 XSS vulnerabilities. User must be logged-in with Ark Editor component editing privileges. Affected Installs All prior versions of Ark Extensions

Solution

Upgrade to version Ark 2.6.9

People in this conversation

WebxSolution Ltd and this site is not affiliated with or endorsed by The Joomla! Project™. Any products and services provided through this site are not supported or warrantied by The Joomla! Project or Open Source Matters, Inc. Use of the Joomla!® name, symbol, logo and related trademarks is permitted under a limited license granted by Open Source Matters, Inc.

Copyright © 2009 - 2018 WebxSolution Ltd
Powered by JoomlaWired