Originally Posted by utok
I just did a successful update by uploading the pixelpost.php to includes and index.php to the admin folder. Everything is working fine.
I also updated the wallpaper resize mod-- going to go repackage that and upload it.
Thanks for making the fix-- I was really getting spammed a bunch. Hope this stops the assaults.
this really wont help stop the everyday spam that plagues the net, the spam issue this corrects is an injection hijack of the comment form, where the box uses a line break to reach the underlying bcc field, basically hijacking your comment form and using the mail notification it sends to forward to email address it placed int he bcc field...turning your blog into a host for spam going to other people
2 users have been infected, we're doing the best way can to save you from it...
changelog from v1.4.2 to v1.4.3
- a few lines of code were added into the index.php comment form code near line like 250 or something like that (i dont actually know the lines off the top of my head, but i am guessing)...w00t
thats about how complex the known fix was...yet, it's insanely important