Published at LXer:
Bad news for just about every wordpress blogger out there. Thousands of wordpress 3.2.1 installations are at risk of being compromised. It has been found that the latest version 3.2.1 of WordPress, an extremely popular suite of tools for powering blogs, is vulnerable to XSS injection attack which allows users to inject malicious javascript due to failure to sanitise the comments feild. Without discussing much about what this vulnerability could do to your blog I will jump to how it works and the solution.
Read More...