* Stefan Ritt [2006-09-27 23:09:27+0200] > The reported XSS vulnerability has been fixed in SVN revision 1719 of > elog by not allowing HTML mode by default. This mode has to be enabled > explicitly by setting "Allowed encoding = 7".
Hi Stefan, Thanks for the fix! I haven't checked the stable version. Does this issue also exist in our stable version (release 2.5.7, svn revision: r1558)? If so, we should prepare a backport for it. Cheers, -- roktas
signature.asc
Description: Digital signature
