Flexible Content Management System


Technote regarding DCrab Security Advisory

Contributed by CVE references:

The XSS within user.php is reproducible if the default pnAntiCracker is manually disabled in Administration-Settings. This issue is considered 'less critical' but a fix is already available in the public CVS. Please keep in mind that .76x is currently a 'Release Candidate' and not intended for use on production sites.

If any customers experience a problem and believe it to be related to this issue, they should open a bugtracker entry, including enviroment information for debugging.

Please also note our security contact form.


PostNuke Development