March '09

02

Posted by

in Security

Piwik Response to Zend Framework Security Advisory ZF2009-02

ZF2009-02: XSS vector in Zend_Filter_StripTags

Piwik 0.2.33 (released Mar. 2, 2009) and earlier versions are not affected by this security advisory (disclosed Mar. 2, 2009) because Piwik uses a subset of ZF which does not include Zend_Filter.

Piwik users are, however, encouraged to upgrade to take advantage of new features and bug fixes.

Reference: Cross-site scripting vector in Zend_Filter_StripTags

About author
piwik team member

Anthon Pang

Anthon is a Software Developer from Canada and an active Piwik team member since 2007. He has contributed some of the earliest and most critical code in Piwik, such as the Javascript Tracker. Anthon also built and maintains our QA infrastructure.

Like what you read?

Subscribe to our rss feed: Posts or you can Suggest a topic to write about in the blog or See list of Features