Elgg is a free and open source social network system (php/mysql) that implements social networking with BLOG as the center. Once it came out, it received rave reviews, and some even compared it to the famous moodle. This platform not only won the honor of the best social network open source CMS platform in 2007, but also received the highest praise from info world.
Elgg 1.7.11 has been released with security improvements. All users are advised to upgrade immediately.
The following security enhancements were made:
* Aung Khant from the YEHG reported and helped to fix a XSS vector in the Embed plugin and an SQL exposure vector in the Search plugin.
* Lostmon Lords reported and helped to fix an SQL injection vector in the search plugin.
Tons of thanks to these two people, who have been helping us find and fix security problems for the last few releases!
1.7.11 also includes a few minor bugfixes:
* Filtering by content works again in the activity stream.
* Dragging works in IE 9 for profile widgets.