WebsiteBaker Logo
  • *
  • Templates
  • Help
  • Add-ons
  • Download
  • Home
*
Welcome, Guest. Please login or register.

Login with username, password and session length
 

News

WebsiteBaker 2.13.9 R22 is now available!

R.I.P Dietmar (luisehahne) and thank you for all your valuable work for WB
https://forum.websitebaker.org/index.php/topic,32355.0.html

* Support WebsiteBaker

Your donations will help to:

  • Pay for our dedicated server
  • Pay for domain registration
  • and much more!

You can donate by clicking on the button below.


  • Home
  • Help
  • Search
  • Login
  • Register

  • WebsiteBaker Community Forum »
  • WebsiteBaker »
  • Security Announcements »
  • Security Hint
  • Print
Pages: [1]   Go Down

Author Topic: Security Hint  (Read 20481 times)

Offline DarkViper

  • Forum administrator
  • *****
  • Posts: 3087
  • Gender: Female
Security Hint
« on: November 27, 2013, 01:23:04 PM »
Last days we got a message that one of a 3thParty package, used in WebsiteBaker, contains a minor security issue. It is not a High-Risk-Level but anyway.

The endangered package  you can find in wb/includes/idna_convert/.
There is a CSRF issue in the file examples.php. This file itself is never needed by WebsiteBaker and can/should be deleted from webspaces as soon as possible.

There is no fix/patch planned against.
To solve these problem, from next official release of WB the file is encapsulated in a ZIP archive, so there is no more possibility to call it from outside.
Logged
Der blaue Planet - er ist nicht unser Eigentum - wir haben ihn nur von unseren Nachkommen geliehen

"We need education to cope with digitalization - and NOT the digitalization of education.!"

Tägliches Stoßgebet: Oh Herr, wirf Hirn vom Himmel !
  • Print
Pages: [1]   Go Up
  • WebsiteBaker Community Forum »
  • WebsiteBaker »
  • Security Announcements »
  • Security Hint
 

  • SMF 2.0.19 | SMF © 2017, Simple Machines
  • XHTML
  • RSS
  • WAP2