Security Vulnerability Notification | OBB-1444528 Security Vulnerability Notification | OBB-1444528
 

News:

CPG Release 1.6.27
change DB IP storage fields to accommodate IPv6 addresses
remove use of E_STRICT (PHP 8.4 deprecated)
update README to reflect new website
align code with new .com CPG website
correct deprecation in captcha

Main Menu

Security Vulnerability Notification | OBB-1444528

Started by MarpleMW, October 26, 2020, 05:54:45 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

MarpleMW

October 26, 2020, 05:54:45 PM
I have received notification of a security vulnerability from OpenBugBounty for my site running Coppermine 1.5.48, which I understand is the latest version.

How can I convey the details of this vulnerability to the developers please?

I'm not sure I should post all the details here.

Thanks in anticipation.

phill104

#1
October 27, 2020, 10:45:44 PM
Thanks for the heads up. If you could PM details to me I shall raise it in our development forum for investigation.

Please be aware, we also have version 1.6.x available now if you would like to use that. It may also be affected, we will know when details are supplied.
It is a mistake to think you can solve any major problems just with potatoes.

MarpleMW

#2
November 23, 2020, 06:36:24 AM
Quote from: Phill Luckhurst on October 27, 2020, 10:45:44 PM
Thanks for the heads up. If you could PM details to me I shall raise it in our development forum for investigation.

Please be aware, we also have version 1.6.x available now if you would like to use that. It may also be affected, we will know when details are supplied.

Apologies for the delay, I was expecting to be notified if there was a reply to this. I will PM now.

phill104

#3
December 06, 2020, 12:35:59 AM
Thank you for your follow up. I have received your email and have raised the problem.
It is a mistake to think you can solve any major problems just with potatoes.
Print
Go Up Pages1
User actions