Elgg 1.7.14 has been released to address security vulnerabilities in all versions of Elgg 1.7, as well as a severe bug in Elgg 1.7.12 and 1.7.13. Special thanks to Jeroen Dalsem of Coldtrick IT Solutions for reporting the security issue.
The security vulnerability is a possible SQL injection vector, but has a limited scope.
The bug fix was for a change in the access system in 1.7.12 that could prevent new users from signing up.
It is important to upgrade to Elgg 1.7.14 to give your users the best and safest experience on your Elgg-based network.
info@elgg.org
Security issues should be reported to security@elgg.org!
©2014 the Elgg Foundation
Elgg is a registered trademark of Thematic Networks.
Cover image by RaĆ¼l Utrera is used under Creative Commons license.
Icons by Flaticon and FontAwesome.
Great news! Cheers!