SECURITY ALERT : XSS Vulnerability in dasBlog

Hi,

last week i found a Cross-Site Scripting vulnerability in dasBlog that allows to inject script code in certain administrative pages and to “steal” the administrative cookie.

I will post a detailed advisory later this week.

for now – if you use dasBlog get the patch and installations instructions here. ASAP.

Spread the word!

This entry was posted in Uncategorized. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s