Vulnerabilities

    CVE-2013-7225 Multiple SQL Injections

    CVE-2013-7224 Default to_json for models

    CVE-2013-7223 Lack of CSRF Protection

    CVE-2013-7222 Known Session Secret

    OSVDB-101577 Arbitrary Command Execution

    CVE-2013-6421 Command injection vulnerability

    CVE-2013-1812 DoS attack to RPs using large XRDS / too many XML entity expansions in XRDS.

    CVE-2013-4315 Directory traversal with ssi template tag

    CVE-2013-6348 XSS via malicious action parameter

    CVE-2013-4457 Recursive Interpolation Vulnerability