[ZendTo] zend.to 4.1 code injection
Scott Birl
scott.birl at temple.edu
Thu Apr 26 13:10:42 BST 2018
Hello everyone:
Our site is currently using an older version of zend.to, 4.11. We have plans of upgrading to the latest version in the works.
A recent audit by our security team discovered the 4.11 code is susceptible to spider code injection. Off-hand, I do not know the specifics but should be able to provide them if necessary.
The questions become: has this been discovered and fixed already? Is there a way to patch our 4.11 version against it?
Thanks in advance
Birl
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://jul.es/pipermail/zendto/attachments/20180426/a86d50d4/attachment-0001.html>
More information about the ZendTo
mailing list