Bug#392016: Further security patching of ELOG

2007-02-16 Thread Stefan Ritt
Hi, the vulnerabilities on secunia.com have been fixed a long time ago (see their recommendation to upgrade). The patch you supplied is actually not enough to prohibit users from entering script code. I fixed the following additional cases: - Enter a user name, full name or email address conainin

Bug#392016: Further security patching of ELOG

2006-12-02 Thread Ulf Harnhammar
Hello, while browsing the ELOG entries at Secunia, I saw that my security bugs in ELOG were only marked as partially fixed. After some investigation, I found out that one more patch was needed to close the XSS bug when handling Categories (more specifically, when Adding a new Category called somet