Security concern

General Forum
User avatar
Nidzo
Phoca Expert
Phoca Expert
Posts: 544
Joined: 07 Nov 2018, 14:55

Security concern

Post by Nidzo »

In light of the security flaws that have hit known Joomla components such as JCE editor, SP Page Builder, Helix framework, Balboa forms, jCagenda, etc. is there a fear of a security breach in the Phoca components since the security breaches were related to the upload option and Ajax?
User avatar
Jan
Phoca Hero
Phoca Hero
Posts: 49490
Joined: 10 Nov 2007, 18:23
Location: Czech Republic
Contact:

Re: Security concern

Post by Jan »

Hi, there are currently no known security risks. But it's always difficult with security risks because we only learn about them when someone discovers them. In general, Phoca extensions are made to prevent security problems (for example, some parts are often checked multiple times).

Jan
If you find Phoca extensions useful, please support the project
User avatar
Nidzo
Phoca Expert
Phoca Expert
Posts: 544
Joined: 07 Nov 2018, 14:55

Re: Security concern

Post by Nidzo »

Good to hear that 👌🏻
User avatar
Jan
Phoca Hero
Phoca Hero
Posts: 49490
Joined: 10 Nov 2007, 18:23
Location: Czech Republic
Contact:

Re: Security concern

Post by Jan »

BTW, speaking of which, today I received a report about a possible issue in Phoca Download, which was immediately fixed and a security release was issued: https://github.com/PhocaCz/PhocaDownloa ... /tag/6.1.3
If you find Phoca extensions useful, please support the project
Post Reply