Fork me on GitHub

Tuesday, September 18, 2007

Blog / General / News / Announcements / XSS Security threat! Get the patch now!

XSS Security threat! Get the patch now!

Stefano Novelli has just sent me a mail, pointing out an XSS security treat threat with the search.php parameters. Am I dumb? I didn’t filter the input!

Well, thanks Stefano, kudos to you!

Because this is FlatPress’ first security bulletin w00t, let’s party :D

You can download the full package from SourceForge as usual, but the files that changed are only two; actually it’s only a matter of ONE line in search.php, the other file just raisesthe minor version number of +1…

So, you can also download the patch for 0.703.2

Get the patch here.

(and I did all of this on time for dinner…)