A critical security issue has been discovered in the XML-RPC for PHP that most applications use, including b2evolution. It is highly recommended to fix. This should overwrite the two following files in /blogs/b2evocore/ folder: * _functions_xmlrpc.php * _functions_xmlrpcs.php This patch has been tested on the latest 0.9.0.12 "Amsterdam" release but is believed to work on all 0.9.0.x versions. The patch will be included in future releases. Ref: http://b2evolution.net/news/2005/07/05/fix_for_xml_rpc_vulnerability How-To-Repeat: http://b2evolution.net/news/2005/07/05/fix_for_xml_rpc_vulnerability
State Changed From-To: open->closed Committed, Thank you.