Security of Webinator V6.01

Post Reply
rjshelq
Posts: 75
Joined: Thu Nov 17, 2005 3:25 pm

Security of Webinator V6.01

Post by rjshelq »

I am currently running Free Webinator Version 6.01.1325780201 20120105 (x86_64-unknown-linux2.6.9-64-64) which does everything that I need. So I don't need to upgrade to the current version to get any new features, but I'm wondering: should I upgrade due to any known security issues?

Are there any known security issues with Free Webinator Version 6.01.1325780201 20120105 (x86_64-unknown-linux2.6.9-64-64) which would make upgrading to the current version advantageous?
User avatar
Kai
Site Admin
Posts: 1271
Joined: Tue Apr 25, 2000 1:27 pm

Security of Webinator V6.01

Post by Kai »

There have been a number of enhancements and fixes in Webinator since that release of 6.01. Some of the security-related ones are:

* XSS (cross-site-scripting) vulnerability fixed in search's RSS URL, and admin interface
* SSLv3 deprecated
* Added CSRF (cross-site-request forgery) protection to all forms
* Fixed unverified access to walk errors
Post Reply