MachForm 25 Released. Security Update.
MachForm 25 is now available for download on Account Area. This release brings important security updates and bug fixes. We STRONGLY encourage you to update your MachForm immediately.
Security Updates
- SQL Injections. We have addressed a potential vulnerability that could allow multiple SQL injections attack on the admin backend side.
Technical Details
The technical details of these vulnerabilities will be published later in the CVE database. We will update this post with the corresponding CVE IDs once they are available.
Acknowledgments
We would like to extend our gratitude to Vladimir TOUTAIN from DSECBYPASS for his diligence and expertise in identifying these vulnerabilities.
PHP & MySQL Version Requirement
MachForm v25 requires the minimum version of PHP on your server to be at least PHP 7.4 and MySQL version at least MySQL 5.7. If you’re still using an older version, you’ll need to upgrade your PHP and/or MySQL version first.
How to Update
This update is FREE for all users with an active support contract.
As mentioned above, you can download it in the Account Area.
Follow this upgrade instruction:
Upgrading MachForm Self-Hosted