Subscribe: RSS
  • The MODx Revolution 2.0.3 release addresses a pair of reported security vulnerabilities with MODx Revolution 2.0.2-pl and possibly earlier releases:

    Input passed via the "modhash" parameter to manager/index.php is not properly sanitized before being returned to the user and input passed via the "class_key" parameter to manager/controllers/default/resource/tvs.php is not properly verified before being used to include files.

    We recommend that anyone running previous versions of MODx Revolution upgrade to 2.0.3.

    Download MODx Revolution 2.0.3-pl: http://modxcms.com/download/#pl

    Details of other improvements introduced in the 2.0.3 release can be found here: http://modxcms.com/forums/index.php/topic,55104.0.html
      Author of zero books. Formerly of many strange things. Pairs well with meats. Conversations are magical experiences. He's dangerous around code but a markup magician. BlogTwitterLinkedInGitHub

    This discussion is closed to further replies. Keep calm and carry on.