最后更新于 | 最初发布于 | 分类： ＭＴ笔记
Movable Type 3.15 released 01.24.2005
Version 3.15 fixes a vulnerability in the mail sending packages for all Movable Type versions in which the user has enabled comment notifications. This vulnerability allows a malicious user to send email through the application to any number of arbitrary users.
All Movable Type users should install this update.UPDATE: It should be noted that the default Movable Type installation is not vulnerable to this exploit as comment notifications must be enabled in order for it to be effective. The post above has been modified to reflect that fact.
See this news in MovableType.