a little bit of zeank » Blog Archive » XSS-Vulnerability in MUCkl v0.4.2 (and earlier)

XSS-Vulnerability in MUCkl v0.4.2 (and earlier)

Thanks to BeF we discovered (and fixed) a XSS vulnerability in MUCkl yesterday. Now there’s a new release of MUCkl (v0.4.3) available for you to download which fixes this issue (and some more bugs too).
If you’re hosting an instance of MUCkl somewhere please upgrade!

By: Steve | 2007/06/22 | MUCkl - sysadmin - XMPP (jabber) | Trackback | Comments [RSS 2.0]

One Response to XSS-Vulnerability in MUCkl v0.4.2 (and earlier)

Comments

Christian DrÃ¶ge

Comment by Christian DrÃ¶ge | 2007/06/25 at 16:16:49

I have just upgraded my 2 muckl installations. Now I can finally use HTTP Binding, because a bug prevented me from using it. Thank you for your work 🙂

Comments are closed