6
Aug
2018

Important Security Update

One of the public APIs in Action Grid was found to contain and expose data which could have allowed attackers access to the server and other sensitive information. This information was visible to anyone, even to users that do not have access to see the page.

The exposed information contains sensitive data like:

Server name
Host GUID
Site's absolute path on disk

We highly recommend all users to UPDATE their Action Grid modules to a minimum version of 5.0.87 (https://www.dnnsharp.com/download?p=AGRID&v=05.00.87) or any other build released after August 1st 2018.

The update needs to be installed on all sites that use Action Grid and have a DnnSharp.Common.dll (in /bin) file version smaller than 5.0.220. If your site has a dnnsharp.common.dll file version of 5.0.220 or bigger means the security issue is already fixed and no other action needs to be taken regarding this threat.

Author: Mihai Stanciu

0 Comments

Rate this article:

No rating

Categories: General News, App Sharp, Web Sharp, Action GridNumber of views: 2077

Tags:

Mihai StanciuMihai Stanciu

About Us

DNN Sharp is a leading provider with a proven track record in defining, designing and developing DNN Modules catering for a passionate community of thousands of users.

While our core focus is on DNN modules, our mission is to provide top quality products complemented by fast and reliable Customer support. We listen to our Customers and produce a variety of solutions to meet the complex needs of our global audience.