| New User, Welcome! Login |
Re: MODx Installation File XSS Vulnerability
| From: |
jason modxcms com |
| To: |
bugtraq securityfocus com |
| Cc: |
|
| Subject: |
Re: MODx Installation File XSS Vulnerability |
| Date: |
Wed - Jul 07, 2010 01:24 PM |
First, it's not a workaround to remove the install directory after installing MODx; it's a absolute requirement, and there is even a checkbox that will do it for you if PHP has permission to remove the files.
Second, no one at or associated with modxcms.com was notified of this in any way, shape or form, on June 16, 2010.
How is this a medium severity? This is absolute nonsense, total FUD, and a complete non-issue. You should never leave the install directory in place or you have much bigger problems than XSS injection.
|
|
|
Copyright © 1995-2012 LinuxRocket.net. All rights reserved.
Nearly all of LinuxRocket's features are free. Be kind and donate to the cause!
