Yeah, I just did a quick Google search and followed the first 150 links,
and about 70-80% of the sites have already fixed this, and return a 404
when I follow the link (if you do this, remember to turn off JS first!)
It's a minor issue, and I do think we nipped it in the bud before it
becam
To say these sites are "compromised" is a bit extreme. People who
were allowed to create profiles (i.e. this only happens to sites where
anybody can join) could take advantage of a minor XSS vulnerability to
seed google requests. Additionally there was a apparently more common
avenue of attack f
It has been fixed, that's what the 2.5.1 and 2.1.4 releases were about.
Full instructions are here:
http://plone.org/documentation/how-to/clean-up-link-spam-on-your-site
-- Alexander
On Thu, 14 Sep 2006 16:54:25 -0700, Alan Runyan
<[EMAIL PROTECTED]> wrote:
Alan Runyan
Enfold Systems,