Security overview of Plone
The ten most common security issues in web applications, and how Plone addresses them.
Below is a list of the 10 most common security vulnerabilities in web applications, and how Plone addresses each of them. The full background for this list can be found at the Open Web Application Security Project web site.
ImpressCMS 1.1.1 RC2
ImpressCMS is proud to announce the release of 1.1.1 RC2.
Changes
Fixed
* #2354713: Security issue in SESSION id (Fixation), previous fix caused problems with some users being logged out sporadically. (vaughan)
* XSS vulnerability in blocksadmin.php $_GET['selmod'], potential (but not necessarily vulnerable) exploit in $_GET['editor']. (GiJoe/vaughan)
New Security Updates for Drupal Web CMS
Drupal is at it again with another round of updated releases. While not major releases, these new versions from Drupal do address a number of security issues and bugs that were brought to their attention via Drupal’s bug tracking system.
Drupal has announced that there will be no new features added to 6.x or 5.x. They are holding the feature updates and implementation of new features until they are ready to release Drupal 7.x in the near future.
WordPress 2.6.5 release
WordPress 2.6.5 is immediately available and fixes one security problem and three bugs. We recommend everyone upgrade to this release.
The security issue is an XSS exploit discovered by Jeremias Reith that fortunately only affects IP-based virtual servers running on Apache 2.x. If you are interested only in the security fix, copy wp-includes/feed.php and wp-includes/version.php from the 2.6.5 release package.
