Hi all,Yesterday we discovered a security vulnerability in CE version 1.0.4 (edge) that allowed users to log in as other users when using the password reset feature. Anyone currently using that version is advised to upgrade to the latest edge branch (v.1.0.4.1)<http://github.com/bborn/communityengine/commit/6deef91d9b8ccfa45be626a9514db29169df7e4a>. Please note that this problem is not present in the master branch (v1.0.3). Please let me know if you have any questions. Thanks, Bruno
--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "CommunityEngine" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/communityengine?hl=en -~----------~----~----~----~------~----~------~--~---
