https://forums.modx.com/thread/?thread=264 https://forums.modx.com/thread/264/modx-revolution-2-0-3-addresses-pair-of-vulnerabilities#dis-post-1670 reported security vulnerabilities with MODx Revolution 2.0.2-pl and possibly earlier releases:

Input passed via the "modhash" parameter to manager/index.php is not properly sanitized before being returned to the user and input passed via the "class_key" parameter to manager/controllers/default/resource/tvs.php is not properly verified before being used to include files.

We recommend that anyone running previous versions of MODx Revolution upgrade to 2.0.3.

Download MODx Revolution 2.0.3-pl: http://modxcms.com/download/#pl

Details of other improvements introduced in the 2.0.3 release can be found here: http://modxcms.com/forums/index.php/topic,55104.0.html]]> smashingred Sep 30, 2010, 01:47 PM https://forums.modx.com/thread/264/modx-revolution-2-0-3-addresses-pair-of-vulnerabilities#dis-post-1670