Security Release: NodeBB v2.8.19, v3.12.6, v4.4.3

<baris> @baris@community.nodebb.org

<p>We have released NodeBB versions v2.8.19, v3.12.6, and v4.4.3 to address a security issue involving a potential XSS vector.</p> <ul> <li> <p><a href="https://github.com/NodeBB/NodeBB/releases/tag/v4.4.3" rel="nofollow ugc">v4.4.3 Release Notes</a></p> </li> <li> <p><a href="https://github.com/NodeBB/NodeBB/releases/tag/v3.12.6" rel="nofollow ugc">v3.12.6 Release Notes</a></p> </li> <li> <p><a href="https://github.com/NodeBB/NodeBB/releases/tag/v2.8.19" rel="nofollow ugc">v2.8.19 Release Notes</a></p> </li> </ul> <p>If you discover a vulnerability, please report it responsibly via our <a href="https://nodebb.org/bounty" rel="nofollow ugc">bug bounty program</a>.</p> <p>As mentioned <a href="https://community.nodebb.org/topic/17428/support-for-security-vulnerabilities-in-1-x-and-2-x">before</a>, we are going to support 2.x up to August 2025.</p>

Read more →
0
0
0
0
0
0

If you have a fediverse account, you can quote this note from your own instance. Search https://community.nodebb.org/post/104821 on your instance and quote it. (Note that quoting is not supported in Mastodon.)