On Wed, May 13, 2009 at 9:00 AM, Andrew Berry <andrewbe...@sentex.net> wrote: > On 12-May-09, at 9:22 PM, Karoly Negyesi wrote: > >> This guy believes in full disclosure so much he discloses everything >> he finds instead letting us fix and disclose. > > Did he report this issue? http://justin.madirish.net/node/339. I still seems > exploitable. I see he's been credited for SA's in the past. It's a shame > that the noise from him is drowning out the real issues he's finding.
It's the same as http://drupal.org/node/372836 or maybe it's even the issue that prompted http://drupal.org/node/372836 Either way, it's "addressed." Regards, Greg -- Greg Knaddison | 303-800-5623 | http://growingventuresolutions.com Cracking Drupal - Learn to protect your Drupal site from hackers Now available from Wiley http://crackingdrupal.com
