I’ve upgraded the software running this blog, everything should continue to work exactly as before but if you see anything wrong please send me a message or leave a comment.
Earlier today someone managed to insert some unsafe HTML into a comment on this blog, the actual comment didn’t do anything (it printed the word “test”) but the same technique can be used to insert malicious code into a comment.
This was possible due to a bug in my blogging software, the bug was fixed for the latest version so I dropped everything and upgraded the blog.
I’d like to thank the person who did this (after all, this brought to issue to my attention and I fixed it before any damage was done) and hope this “attack” was an act of curiosity and not a test before a real attack on my blog.
posted @ Saturday, December 26, 2009 1:40 AM