All patches have been updated to tackle this vulnerability in the Journal module. Thanks to Evaders99 for letting me know about it. You can download the patches through the links available on this site's main page.
If you already are using patch version 3.3 then the only file you need to update is modules/Journal/search.php
Posted on Sunday, November 05, 2006 @ 8:21 AM CST by chatserv