[VIM] TinyMCE advisory question (fwd)
security curmudgeon
jericho at attrition.org
Fri Dec 30 18:57:18 EST 2005
: TinyMCE isn't what he's referring to. It seems the compressor is an
: optional seperate package? The advisory specifically names Compressor
: as being vulnerable. Indeed, on the front page of the vendor's site
: (tinymce.moxiecode.com) is the following:
:
: "Critical update of TinyMCE Compressor (PHP)
:
: A possible security issue has been found with the TinyMCE Compressor
: (PHP), we urge you to upgrade to 1.05 version as soon as possible!
: Thanks to Stefan Esser (http://www.hardened-php.net) for reporting this
: issue."
Duh, not sure why/how I missed that =) Explains everything. Thanks!
Brian
More information about the VIM
mailing list