Textpattern 4.0.5 veröffentlicht
Textpattern wurde nun in der Version 4.0.5 veröffentlicht.
“We have fixed one security issue (XSS) on the
public-side with comment-previews, which means that updates are
strongly recommended. The relevance and potential attack vectors are
described on wikipedia.
Since the authentification cookie is restricted to the admin-directory
and not accessible from the front-end, in most cases this means “only”
the info from the comment-data-cookie might be leaked. Users that run
textpattern together with other software or third party plugins that
set cookies might be at risk of having other data leaked, when a user
can be tricked into following certain links.”
weiter auf textpattern.org
- Bewertung:
(No Ratings Yet)- Aufrufe:
- Gelesen: 479 · heute: 0 · zuletzt: Freitag, 22. April 2011 - 21:50
- Info:
- Textpattern 4.0.5 veröffentlicht ist Beitrag Nr. 345
- Autor:
- opencm.de am 2. July 2007 um 21:27
- Category:
- Blog-News
- Tags:
- Trackback:
- Trackback URI
