DataLife Engine v8.5 Bug Fix Conducting cross-site scripting attacks (XSS)

Problem: Under certain conditions on the site can be attacked XSS. These terms is to visit an authorized administrator, the attacker's website, with the use of administrator outdated browser, which may lead to the interception of cookies, browser.

Error in: 7.x - 8.5

The degree of danger: Low

To download the patch and copy to your own server patch: http://dle-news.ru/files/dle7_85_path.zip

This patch applies to all versions: 7.x - 8.5

Distribution version 8.5 has been updated.