Chris Smith writes:
Andi,
Is there another patch to come?
In my brief look through, I didnt' see any checking in or before actions.php. That could mean a spoofed request for a disabled command would perform the processing associated with that command - even if no html was generated.
Andi -- DokuWiki mailing list - more info at http://wiki.splitbrain.org/wiki:mailinglist