ccNewsletter 1.0.10 security release
Geschrieben von David-Andrew de Boer
Dienstag, 22. März 2011
We received a report that there was a security issue in the current ccNewsletter (Joomla! newsletter) versions. After investigation I can confirm that there is a SQL injection issue in the ccNewsletter module versions 1.0.7 threw 1.0.9. There is already a known security issue in 1.0.6 and earlier, so I advice everyone using a ccNewsletter version before 1.0.10 to upgrade!
You can download ccNewsletter 1.0.10 from our downloads section here. If you need details (because you have done custom modifications to the module), please create a support email where we will share them.
A thank you to Fiona from Spiral Scripts Joomla! Extensions for the report!
In 1.0.10 we also fixed one other issue, where the acknowledgement section was not saving. For ccNewsletter 1.0.11 we are working on 4 small bugs. If you have any questions, and have an active support subscription, send a support email.