Elgg has vulnerabilities to SQL Injection?
If so, how to solve it?
info@elgg.org
Security issues should be reported to security@elgg.org!
©2014 the Elgg Foundation
Elgg is a registered trademark of Thematic Networks.
Cover image by RaĆ¼l Utrera is used under Creative Commons license.
Icons by Flaticon and FontAwesome.
- Brett@brett.profitt
Brett - 0 likes
- Ve@veinblack
Ve - 0 likes
- Brett@brett.profitt
Brett - 0 likes
You must log in to post replies.Previous versions of Elgg have had SQL injection exploits. The latest version of Elgg (1.8.8 at time of writing) has no known security issues. You should always run the latest version of Elgg to make sure your site is secure.
Brett: Thanks for your reply. I'm using elgg v1.8.8.
I tested my site with skipfish, but not whether to consider the result as potential vulnerabilities.
What scanners of websites or tools can you recommend?
Please email the relevant parts of your scan to security@elgg.org. If there are security issues, we'll fix them and make a new release.