There is a potential vulnerability in the system for handling comments from listeners/users. I have fixed it in a new release, PodHawk 1.73. You should upgrade your PodHawk installation as soon as possible.
Only two files need to be changed – podhawk/inc/commenthandler.php and podhawk/inc/smarty-functions.php. The new versions of these files are available for download here. You can if you prefer simply download these two files and upload them to your site in place of the existing files with these names. They will work on any PodHawk version since 1.7. If you have an older version, please consider upgrading now.
The vulnerability affects only the inbuilt PodHawk commenting system, not the option to use Disqus comments.
blog comments powered by Disqus