On Saturday 2 February 2008 12:14, Thijs Kinkhorst wrote: > On Friday 1 February 2008 18:08, Nico Golde wrote: > > I tested this sucessfully in a local phpbb2 installation as > > well as on phpbb.de using two test accounts. > > > > If you fix this vulnerability please also include the CVE id > > in your changelog entry. > > Thanks Nico, I'll take care of it.
Found the patch in upstream repo, will take care of this tonight. Thijs
pgpvPqzRwTshb.pgp
Description: PGP signature
