SiteStudio Fixes

Category:     Sub Category:     Release/update period:
Version introduced:     Release introduced:     Version fixed:     Release fixed:    
Your version:   Your release:
Search:        
CRITICAL security fix    (General - Code)#94
Version introduced: 1.6      Version fixed: 1.7.1 final build 51
This patch fixies critical bug that allowed an attacker to retrieve SiteStudio configuration files using the 'template=' request parameter.
Bug fix instructions:
1. Download the fix file into [SS_DIR]/studio/WEB-INF/classes/ directory
2. Unzip/untar it.
3. Chown psoft directory permissions recursively if needed.
Example (for HSphere + SiteStudio owners): chown -R cpanel:cpanel psoft
4. Restart your CP/SiteStudio

This patch is RECOMMENDED for all SiteStudio versions up to 1.7.1rc2
Download fix   Download fix for Windows


© Copyright 1998-2004. Positive Software Corporation.
All rights reserved.