I wanted to make sure and let everyone know that there is currently a medium-level security issue (an XSS vulnerability) in the Search Module versions 1.1.0 and older.
I've pushed out a new version (1.1.1) to the Marketplace, so make sure and update to that new version as soon as you can.
I want to thank High Tech Bridge for finding the vulnerability, which is addressed here:
https://www.htbridge.com/advisory/HTB23184
while our Issue Tracker is here:
https://www.jamroom.net/the-jamroom-network/tracker/128/xss-vulnerability-in-search-module
Please let me know if you have any questions or concerns.
Thanks!
--
Brian Johnson
Founder and Lead Developer - Jamroom
https://www.jamroom.net
updated by @brian: 12/28/13 06:53:45AM
JAMROOM
