JNews, 8.5.1 and all previous,

SQL Injection

Resolution: update to 8.7.1

Update notice url: http://www.joobi.co/blog/jnews-8-7-released.html

Note that due to discrepancy in developer's code between package and repository, some versions of previous security release 8.6.1 are still vulnerable. Therefore users should make sure they update to 8.7.1 to avoid confusion

 

Please contact the developer for more information