Posted by Todd Nienkerk on March 7, 2012 at 12:11am
| Download | Size | md5 hash |
|---|---|---|
| ed_readmore-6.x-3.1.tar.gz | 9.9 KB | 12173b8d28874a06db8644fc0de6cda0 |
| ed_readmore-6.x-3.1.zip | 10.69 KB | 70dea0972794932270a5f1fb7bd0b8b9 |
Last updated: March 7, 2012 - 00:15
Release notes
This release addresses a cross-site scripting (XSS) vulnerability. Due to this vulnerability, a user could inject arbitrary scripts into pages affecting other site users. This could result in administrative account compromise leading to web server process compromise. This vulnerability is mitigated by the fact that an attacker must have a role with the permission "access administration pages."