Advanced search  

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Pages: [1]   Go Down

Author Topic: Security Vulnerability Notification | OBB-1444528  (Read 1667 times)

0 Members and 1 Guest are viewing this topic.

MarpleMW

  • Coppermine newbie
  • Offline Offline
  • Posts: 9
Security Vulnerability Notification | OBB-1444528
« on: October 26, 2020, 05:54:45 pm »

I have received notification of a security vulnerability from OpenBugBounty for my site running Coppermine 1.5.48, which I understand is the latest version.

How can I convey the details of this vulnerability to the developers please?

I'm not sure I should post all the details here.

Thanks in anticipation.
Logged

Phill Luckhurst

  • Administrator
  • Coppermine addict
  • *****
  • Country: gb
  • Offline Offline
  • Gender: Male
  • Posts: 4799
    • Windsurf.me
Re: Security Vulnerability Notification | OBB-1444528
« Reply #1 on: October 27, 2020, 10:45:44 pm »

Thanks for the heads up. If you could PM details to me I shall raise it in our development forum for investigation.

Please be aware, we also have version 1.6.x available now if you would like to use that. It may also be affected, we will know when details are supplied.
Logged
It is a mistake to think you can solve any major problems just with potatoes.

MarpleMW

  • Coppermine newbie
  • Offline Offline
  • Posts: 9
Re: Security Vulnerability Notification | OBB-1444528
« Reply #2 on: November 23, 2020, 06:36:24 am »

Thanks for the heads up. If you could PM details to me I shall raise it in our development forum for investigation.

Please be aware, we also have version 1.6.x available now if you would like to use that. It may also be affected, we will know when details are supplied.

Apologies for the delay, I was expecting to be notified if there was a reply to this. I will PM now.
Logged

Phill Luckhurst

  • Administrator
  • Coppermine addict
  • *****
  • Country: gb
  • Offline Offline
  • Gender: Male
  • Posts: 4799
    • Windsurf.me
Re: Security Vulnerability Notification | OBB-1444528
« Reply #3 on: December 06, 2020, 12:35:59 am »

Thank you for your follow up. I have received your email and have raised the problem.
Logged
It is a mistake to think you can solve any major problems just with potatoes.
Pages: [1]   Go Up
 

Page created in 0.014 seconds with 20 queries.