s9y.org: Serendipity 1.0.2 and 1.1-beta5 released
The folks at Serendipity have released version 1.0.2 to address cross-site scripting (XSS) vulnerabilities "on the admin backend which could happen if registered authors can be tricked into following a specially crafted URL." The 1.1 Beta 5 also contains this fix along with the following new changes since Beta 1:
- Themes can now support custom amounts and positions of any number of sidebars (top, bottom, left, right etc.) (more)
- Usergroups can now configure which plugins/events a group is allowed to execute (more)
- Added the options to use HTTP-Authentication for your login, which enables you to use secured RSS-Feeds with login credentials
- Some permalinks oddities when using % in URLs and some other minor fixes.
You can read more details about this release at Serendipity.
About this CMS Enthusiast
Bryan Ruby is the owner and editor for CMS Report. He founded CMSReport.com in 2006 on the belief that information technologists, website owners, and web developers desired visiting sites where they could learn about content management systems without the sales pitch. Outside of his late night blogging hours, he is the Information Technology Officer for a field office in the federal government.
