quickapps / cms

Modular CMS powered by CakePHP
GNU General Public License v3.0
164 stars, 69 forks

Fix: security vulnerability with the "UserLogin" cookie #67

Closed by ataylor32 12 years ago

ataylor32 commented 12 years ago

If you'd like to know how the security vulnerability works, feel free to contact me. Just know that it's a serious vulnerability that's easy to exploit.

quickapps commented 12 years ago

XSS I guess, thanks for the fix! I'll also add some extra security to this "remember me" feature.