- Additional Requirements
- PHP 7.2 or newer (PHP 8.3 recommended)
MySQL 5.7 and newer (Also compatible with MariaDB/Percona etc.)
All of the official add-ons require XenForo 2.3.
Enhanced Search requires at least Elasticsearch 7.2.
- Visible Branding
- Yes
XenForo 2.3.9 Released
Today we are releasing XenForo 2.3.9 to address some potential security vulnerabilities that were recently reported to us. This version only includes security fixes and any bug fixes we previously said would make it to 2.3.9 have now been delayed until 2.3.10.The issues identified are as follows:
- Prevention of a possible stored XSS (cross-site scripting) exploit related to BB code rendering (thank you to Antisocial)
- Prevention of a possible XSS exploit related to lightbox usage in posts (thank you UwU)
- Prevention of a possible RCE (remote code execution) exploit via authenticated, but malicious, admin users (thank you UwU)
The following public templates have had changes:
- attachment_macros
- bb_code_tag_attach
- lightbox_macros