We would like to thank Joshua Hansen and Scott Caveza for their help in identifying and helping us debug two XSS vulnerabilities that had the potential to effect users using internet explorer browser with versions lower than 8, or when xss protection was explicitly off. We avoided the urge to call this version 0.6.6.6 and resumed the regular naming policies. Those vulnerabilities don’t pose any risk to webmasters or hosters using Transposh, but to users that might trust scripts from these sites by using the sneaky XSS method.
This release also bundles two other changes that were already committed and would have probably waited for a later release otherwise, the first being a small improvement to the parser, enabling support for some more html “breaker entities” such as ’ which were created by software trying to outsmart the user, we would like to thank archon810 on his help in this bug report.
Last but not least is a change in the support for Google Sitemaps XML generator, the patch has one letter removed in order to have proper support for php5.3, and on other good news, the coming version 4 of this plugin has support already built in, this version also helps in breaking the 50k url limits that some users had. So we would to thank Arne Brachhold on his great work on this project.
So everybody, go and upgrade! just because finding an image to match this post was such a difficult fit.