DO NOT POST exploits ! had to edit your message...
This affects only CB <= 1.0.1 and with PHP setting magicgpcquotes OFF, so you would get a warning with Joomla > 1.0.11 too...
That's one of the reasons CB 1.0.2 got released over a year ago !
CB 1.0.2 and CB 1.1 are not vulnerable to this attack.
Please make sure to always have latest CB installed, specially if a release contains security fixes/improvements...
Post edited by: beat, at: 2008/05/02 16:27