Quote:
i read a lengthy thread on this and it seemed that the module was a good idea but it was not manditory. xoops core was reasonably secure. please tell me where i'm wrong. a link to further reading would be helpful.
yes xoops core is reasonably secure. but reasonably is the keyword there.. xoops protector is an essential module if you want more security, and indeed provides other security measures than the core itself provides.
Quote:
i clicked on "solution" and it states, "Currently we are not aware of any vendor-supplied patches for these issues. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:vuldb@securityfocus.com."
therefore i did not see a resolution to the issue we're discussing at security focus. that's why i asked the question.
there's no solution yet, because the exploit in the core isn't a valid exploit so no solution is necessary.
however the authors of weblinks module, may not even know about the exploit yet in their module, so maybe some1 could slip them a message informing them.. however i don't think the security focus stated the weblinks version number, which in itself might be an older version of that module.. but still the authors need to be aware of the possibility.
