-
- 24,544 Posts
They still have this "security vulnerability" listed as unpatched.
http://secunia.com/advisories/28840/
There are some probably inccacurate reports here also:
http://secunia.com/advisories/product/9369/?task=advisories_2008
-
- 7,075 Posts
In my opinion yes it is, secunia reaches a lot of people and even though they can check for themselves @modxcms.com, they might not know about the security notice forum (would be users for instance, checking modx out) and might not make the effort thus dismissing modx as unsecure.
I remember Ryan corrected them once on another notice, but I don’t know through which channel (email, form...)
.: COO - Commerce Guys - Community Driven Innovation :.
MODx est l'outil id
We’ve attempted to contact them regarding this several times and they simply are not being responsive.
Indeed. I’ve requested multiple times for an official channel to respond. Once could easily conclude based on my personal experience anyway that unless you pay them as a customer they don’t really care.
Ryan Thrash, MODX Co-Founder
Follow me on Twitter at @rthrash or catch my occasional unofficial thoughts at thrash.me
-
- 24,544 Posts
I sent this through their contact form, but I doubt if it will do any good:
Secunia’s information on MODx is seriously out of date. MODx team members have tried repeatedly to contact you about this for many months, but have received no response.
We would like to be able to recommend your services and software, but at present, it appears to us that you are presenting security warnings that have not been valid for some time and information that is inaccurate and thus of no value to subscribers.
Please let me know if you are interested in bringing your information up to date.
I feel sorry for the poor suckers who give money to Secunia and believe that they are receiving accurate information.