Jump to content
View in the app

A better way to browse. Learn more.
OKSTAR

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

XenForo 2.3 Full 2.3.9

(1 review)

By Cavalry

1 Screenshot

XenForo is a powerful community forum software that provides users with a simple and easy-to-use interface and rich communication features. Users can easily communicate through posting, sending private messages, using tags, and other methods.

Its interface design is responsive, suitable for various devices, and has good customizability. Administrators can expand functionality and beautify interfaces through plugins and theme customization, while utilizing powerful management tools to manage users, content, and forum settings, ensuring order and activity in the community.

What's New in Version 2.3.9

Released

Today we are releasing XenForo 2.3.9 to address some potential security vulnerabilities that were recently reported to us. This version only includes security fixes and any bug fixes we previously said would make it to 2.3.9 have now been delayed until 2.3.10.

It is now available for all licensed customers to download. We strongly recommend that all customers running previous versions of XenForo 2.3 upgrade to this release to benefit from increased stability.

The issues identified are as follows:

  • Prevention of a possible stored XSS (cross-site scripting) exploit related to BB code rendering (thank you to Antisocial)

  • Prevention of a possible XSS exploit related to lightbox usage in posts (thank you UwU)

  • Prevention of a possible RCE (remote code execution) exploit via authenticated, but malicious, admin users (thank you UwU)

If you are a XenForo Cloud customer, fixes for these issues have been rolled out automatically, and no further action is required to address them.
Note: If you decide to patch the files instead of doing full upgrades, your "File health check" will report these files as having "Unexpected contents". Because these files no longer contain the same contents your version of XF was shipped with, this is expected and can be safely ignored.

As always, new releases of XenForo are free to download for all customers with active licenses, who may now grab the new version from the customer area or upgrade from your Admin control panel (Tools > Check for upgrades...).
  • Report
    • Previous File HuoNiu XFRM Grid Layout Style
    Next File XenForo Resource Manager

    User Feedback

    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.

    Guest
    • This will not be shown to other users.
    • Your review Required
      Add a review...
    Enthusiast

    Cavalry
       1 of 1 member found this review helpful 1 / 1 member

    OK

    • Like 1

    Account

    Navigation

    Search

    Configure browser push notifications
    Chrome (Android)
    1. Tap the lock icon next to the address bar.
    2. Tap Permissions → Notifications.
    3. Adjust your preference.
    Chrome (Desktop)
    1. Click the padlock icon in the address bar.
    2. Select Site settings.
    3. Find Notifications and adjust your preference.