In this minutes I’ve uploaded a new bugfix release NextGEN Gallery Version 1.5.2 . There is one XSS bug fixed in the media-rss script and I also solved a issue with old shortcodes. I encouraged everybody to update to the latest version, or if you on whatever reason stay would stay at your version, please update the file media-rss.php from [...]
Tag Archive for 'security'
Security issue or not ?
18Jun08Before to many people starts writing that there is a security problem, I would like to give my statement . In the current version of NextGEN Gallery it’s possible to include javascript commands inside the description field (So called XSS vulnerability) as long as the user has admin access to the blog . It was [...]
Recent Comments