Dears Members.

Fix Number: 01
Fireboard: 1.0.3 (Realease)
File(s):class.fireboard.php

BUG:

- It inserts " _ " before the words (Javascript, vbscript, expression, applet, meta, xml, blink, link, style, script, embed, object, iframe, frame, frameset, ilayer, layer, bgsound, title, base.)

Procedure:

1 - Make backup of your files and database of Joomla and Fireboard.

1 - Make Download of the file attach. (class.fireboard.zip)

2 - Unzip the file of class.fireboard.zip

3 - Go the folder. (With a program of FTP or JoomlaXplorer)

Joomla_root/components/com_fireboard

Change the file class.fireboard.php by in attached.

Only Information.
Changes:

File class.fireboard.php

In line 651.

Insert "//"

Code:

//$ra1 = Array('javascript', 'vbscript', 'expression', 'applet', 'meta', 'xml', 'blink', 'link', 'style', 'script', 'embed', 'object', 'iframe', 'frame', 'frameset', 'ilayer', 'layer', 'bgsound', 'title', 'base');

Attention!!
This change won't be definitive for the next realease, we are studying a better solution for this BUG. They put this correction will do with that your Fireboard doesn't show this BUG.

Waiting our next realease.

Cu, Trorram

Pretty much it looks like this piece of code just got commented out. What does that do for the measure of security that it was supposed to provide?

Dear grumblemarc.

The Danial is analyzing your need in the insert of the code. You just removes that adn you doesn't have problems of security, next will be studying a better option for this array.

Cu, Trorram