Hello! Another Crossite Scripting (XSS) problem was discovered in DokuWiki by David Coallier. Search queries are not escaped correctly which allows an attacker to construct links to the search containing malicious JavaScript. This could be used to steal user cookies. Because DokuWiki's user cookies are encrypted, the risk is relative low, but I recommend to fix these problems as soon as possible in your installation. The downloadable archive of release 2005-09-22 available at http://www.splitbrain.org/go/dokuwiki was updated to incorporate the needed fixes. Alternativly you can follow the instructions at http://bugs.splitbrain.org/?do=details&id=604 to fix the problems your self. Regards Andi