Andy Moore

There’s a big update on the horizon but this is a security patch.

[code]foreach($_GET as $value => $get){
$_GET[”$value”] = htmlentities(htmlspecialchars(strip_tags($get)));
}
[/code]A hacking site today found a XSS vulnerability in the plugin, if you use my plugin please just add this under $mobile_plugin_version = ‘1.2′; and keep posted for a full update and version 1.3

This entry was posted on Sunday, January 13th, 2008 at 3:20 pm and is filed under generic. You can follow any responses to this entry through the RSS 2.0 feed. Responses are currently closed, but you can trackback from your own site.