XenForo 2.0.11 – Full (security fix) overridden by NulledTeam | NulledTeam UnderGround

Today, we are launching XenForo 2.0.11 to address a potential security vulnerability. We recommend that all clients running XenForo 2.0 update to 2.0.11 or use the attached patch file as soon as possible.

The problem is an XSS vulnerability. The XSS (Cross Site Scripting) problems allow the introduction of scripts and malicious HTML on the page, which potentially allows data theft or unauthenticated access.

Specifically, the problem is related to specially designed text entered into messages and output using …