Osclass 3.7.4: security update

Last 21st July, we detected, thanks to the notice of several users of our forums, that in some Osclass websites appeared a new admin account. Said account was created without the knowledge of the administrator. Given the security risk that this may represent for our users, we are releasing a new version of Osclass which corrects this error and will prevent it from happening in the future.
Meanwhile, we continue to analyze the cause of the intrusion. At the moment we the lack of information on what the source of this bug is or how many sites may have been affected. As soon as we have more information we will provide you the necessary explanations. At the moment, we ask you all to update your sites with this new version.

You can update it from your admin panel or download Osclass 3.7.4 manually. If you have any doubt, please use this guide on how to update Osclass or post your questions in the forums.

This entry was posted in Development. Bookmark the permalink. Óscar

One Response to Osclass 3.7.4: security update

  1. Roman says:

    I read the opinion of the user who updated the site to version 3.7.4 and he immediately thereafter began the attack on the site. About 60 000 requests per hour, including in the root directory. This may be a coincidence? Who exactly has released version 3.7.4? Why it is still on the main downloads page (osclass.org) is version 3.7.3. ?