[opencms-dev] FCKEditor security alert
a.westermann at alkacon.com
a.westermann at alkacon.com
Mon Jul 13 12:49:48 CEST 2009
Hi Christoph,
thx for reporting. That bug report should be more precise on how to
exploit the vulnerability.
All references to the filebrowser connector have been disabled in 2006
in the FCKEditor configuration (configwidget.js, customconfig.js).
Kind Regards,
Achim.
-------------------
Achim Westermann
Alkacon Software GmbH - The OpenCms Experts
http://www.alkacon.com - http://www.opencms.org
Christoph P. Kukulies wrote:
> http://securitytracker.com/alerts/2009/Jul/1022513.html
>
> Don't know whether OpenCMS is concerned but just
> for the sake of security I'm mentioning it here.
>
> --
> Chris Christoph P. U. Kukulies kukulies (at) rwth-aachen.de
>
> _______________________________________________
> This mail is sent to you from the opencms-dev mailing list
> To change your list options, or to unsubscribe from the list, please visit
> http://lists.opencms.org/mailman/listinfo/opencms-dev
More information about the opencms-dev
mailing list