Just thought that i should share this, but no matter what, i still love serendipity
Serendipity Vulnerabilities Report
-
jumanjisama
- Regular
- Posts: 16
- Joined: Tue Sep 19, 2006 2:02 pm
Serendipity Vulnerabilities Report
There is a report from securityfocus, that says serendipity has some serious XSS Vulnerabilities, though hell i don't know what is that, but it still raises some concerns. Especially when they mentioned that a hacker could trick the admin to visit some other web. Anyway, the guys from securityfocus rate this vulnerabilities as critical. You may read the full report here : http://www.securityfocus.com/archive/1/449189
Just thought that i should share this, but no matter what, i still love serendipity
Just thought that i should share this, but no matter what, i still love serendipity
-
stm999999999
- Regular
- Posts: 1531
- Joined: Tue Mar 07, 2006 11:25 pm
- Location: Berlin, Germany
- Contact:
Application: Serendipity <= 1.0.1
Vendor Status: Vendor has a released an updated version
...
Disclosure Timeline:
05. October 2006 - Contacted Serendipity developers by email
18. October 2006 - Updated Serendipity was released
19. October 2006 - Public Disclosure
Recommendation:
It is strongly recommended to upgrade to the newest version of
Serendipity 1.0.2 which you can download at:
Ciao, Stephan