[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Multiple CSRF in SimplePHPBlog

Am Mittwoch 17 Oktober 2007 schrieb deme@xxxxxxxxxx:
> SimplePHPBlog
> Cross Site Request Forgeries
> Tested on v0.4.9

What's the purpose on reporting issues on old versions?
I don't know simplephpblog, but a quick look on their page tells me that 
they've released a bunch of security related updates since 0.4.9. Their 
current one is 0.5.1.

Hanno Böck		Blog:   http://www.hboeck.de/
GPG: 3DBD3B20		Jabber: hanno@xxxxxxxxx

Attachment: signature.asc
Description: This is a digitally signed message part.