I have just returned from a few weeks away to a barrage of emails detailing four new Pixie vulnerabilities. The good news is that none of them are severe but it is worth being away of these problems. The details are here:
- XSS vulnerability in Pixie (Medium)
- Stored XSS vulnerability in Pixie (Medium)
- XSRF (CSRF) in Pixie (Medium)
- XSRF (CSRF) in Pixie (Low)
These security issues are present in all versions of Pixie including the current stable and beta. Please post your patches and fixes to the forum.