Possible MT exploit ahoy!
Although minor point releases of Movable Type hardly warrant a blog post, it would appear this is a blog worthy one. I came across this entry in my FeedDemon this AM and thought it was worth passing along.
From the mouth's of Six Apart (makers of MT):
Version 3.15 fixes a vulnerability in the mail sending packages for all Movable Type versions which allows malicious users to send email through the application to any number of arbitrary users.All users should install this update.
If you aren't a MT 3 user, or simply don't want to upgrade, they also have plugins available that fix the problem.
Nab the news release on MT 3.15 here, or head on over and checkout the Movable Type Changelog.
Posted by peter on January 25, 2005 at 11:04 AMThanks! I missed this in my own MT message box.
Posted by: Larry Yudelson at January 25, 2005 03:05 PM