An update to the WordPress platform, version 2.8.2, was issued earlier today that addresses a security issue known as XSS or cross-site scripting.
It’s an unexpected update, given that version 2.8.1 was released less than two weeks ago. But good to see that the community involved in WordPress development is on the case and with a quick fix.
The announcement post says this about the issue:
WordPress 2.8.2 fixes an XSS vulnerability. Comment author URLs were not fully sanitized when displayed in the admin. This could be exploited to redirect you away from the admin to another site. Download 2.8.2 or automatically upgrade from the Tools->Upgrade page of your blog’s admin.
I’m updating and I recommend you do, too, if you run WordPress.
Related post:
4 responses to “WordPress update addresses XSS threat”
Hobson: WordPress update addresses XSS threat: An update to the WordPress platform, version 2.8.2, was is.. http://bit.ly/HImaM
[Blog] WordPress update addresses XSS threat http://tinyurl.com/ktcgrh
Hobson: WordPress update addresses XSS threat: An update to the WordPress platform, version 2.8.2, was is.. http://bit.ly/HImaM
[…] Commnets […]