Potential XSS Issue with Anonymous Comments
Thursday, February 05 2009 @ 05:54 AM CST
Contributed by: Mark
Bjarne Mathiesen Schacht has reported a potential XSS issue when a site accepts anonymous comments. To resolve the issue, please update the lib-comment.php file in the private/system/ directory.
You can also disable anonymous comments which resolve the issue as well. It is still recommended that you apply the following update.
This fix can be applied to v1.1.0 and v1.1.1 of glFusion. If you are running an older version, please update to the latest release version as soon as possible.