Now is your last chance to buy a lifetime license before we switch to annual pricing. Existing licenses will be unaffected.
read more
Posted on April 3, 2024

Oxygen 4.8.2 Now Available

hello world!

Oxygen 4.8.2 is now available.

By design, Oxygen's "Client Control" feature allows those with Oxygen access to execute PHP.

This feature is off by default, and there is a security notice labeled "Important Security Warning" directly above the feature with more details. This security warning has been present for the last 6 years.

A security researcher reported that even though our UI clearly stated the risks of granting Oxygen access to untrusted users, our documentation in this area was lacking. We've updated our documentation and added a link to it from the UI.

Oxygen 4.8.2 is not an urgent or necessary update. There is no RCE vulnerability in Oxygen. The only issue was in our documentation.

Even though the issue was in our documentation and not our actual software, there will be a CVE reporting a vulnerability in Oxygen 4.8.1 and below. We're releasing this update as a courtesy so you can avoid getting erroneous emails from your host about needing to update.

Client Control will continue to work as it always has.

Leave a Reply

Your email address will not be published. Required fields are marked *

Get Oxygen Today

Lifetime, unlimited site license

Copyright © 2024 Soflyy
linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram