Security Vulnerability Announcement: html_QuickForm
syndicated from planet-php.net
on July 19, 2018
A vulnerability in the html_QuickForm package has been found which potentially allows remote code execution.
A new release of the package is available which fixes this issue. One is strongly encouraged to upgrade to it by using:
$ pear upgrade html_QuickForm-3.2.15
Thanks to Patrick Fingle and the CiviCRM Security Team who reported this issue.