[Typo3] encryptionKey value comprimised! - security issue

[Ingo Renner]

Am Wed, 6 Jul 2005 17:02:19 +0200 (CEST) schrieb Darryl Krause:

Hi Darryl,
 
> I have discovered that my enryptionKey is being revealed through the urls in indexed search results. Kind of scary!
this is a known bug which is fixed in current versions of indexed_search /
TYPO3 3.8. In anycase this will not allow people to get into the BE or
such. 

If you want to fix it in your installation you simply have to unset
'encryptionKey' in the cHash array in class.indexer.php in
EXT:indexed_search.

regards
Ingo

-- 
Use a newsreader! Check out
http://typo3.org/community/mailing-lists/use-a-news-reader/