Forum OpenACS Development: Vulnerability in YUI 2.4.0 through YUI 2.8.1

Please note:

*Whether or not your site uses* the affected components, *as long as it hosts* a YUI 2 distribution between version 2.4.0 and 2.8.1 that includes these files it is affected by this vulnerability.

http://yuilibrary.com/support/2.8.2/

Regards, Michael

Collapse
Posted by Gustaf Neumann on
The vulnerability is now fixed in the HEAD version of OpenACS (in the ajaxhelper package).