The forum is in read only mode.
ISSUE SUMMARY: Input is not sanitized when sending private messages between users
Hi, its a bug. please wait for the fix. Regards
Hi, here the fix: please edit /components/com_community/templates/jomsocial/layouts/inbox.message.php at line 36, change the code from
$content = filter_var( htmlspecialchars_decode($content), FILTER_UNSAFE_RAW );
$content = filter_var( htmlspecialchars_decode($content), FILTER_SANITIZE_STRING );
It works - the script tag is stripped out and nothing is executed.
JomSocial is the most complete, easy-to-use addon that turns Joomla CMS into a full -fledged, social networking site
TRY NOW BUY NOW