Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Dan Scott's Blog:
Serendipity (s9y) blog: Security release
Oct 19, 2006 @ 11:23:00

If you're a Serendipity user, you need to install the pactch that Dan Scott mentions in his latest blog post:

I thought you should know they just released a security update to fix an XSS issue in the administration backend. Unfortunately, s9y.org itself appears to be very ill at the moment: I kept getting 500 - Internal Server Error.

There's an update that's been released and (will be) available from their site, but you can also just upgrade to the latest version as downloaded from their sourceforge repository.

For more information, check out the Hardened-PHP Group's security advisory on the issue.

tagged: serendipity security release patch xss latest download serendipity security release patch xss latest download