Hi,
Will there be any new version or patch release for FFCE 2.0 due to the reverse cross-site request (RCSR) vulnerability? Any estimated timeline? I'm planning for an upgrade of our FFCE version to 2.0, but held back the upgrade due to the disclosure of the vulnerability. Appreciate your advise!
Articles on vulnerability:
http://isc.sans.org/diary.php?storyid=1879
http://www.zdnetasia.com/news/security/ ... -39000005c
http://www.theregister.co.uk/2006/11/23 ... print.html
Patch for FFCE2.0?
- DraconPern
- Site Admin
- Posts:1218
- Joined:Thu Oct 30, 2003 11:47 pm
- Location:Texas
- Contact: