Today I’m happy to release the following security advisories: SQL injection in Leed (CSNC-2013-005 / CVE-2013-2627) Cross-site request forgery in Leed (CSNC-2013-006 / CVE-2013-2628 Authentication bypass in Leed (CSNC-2013-007 / CVE-2013-2629) URL redirection in Secure Entry Server (SES) I would take the opportunity to thanks Valentin CARRUESCO aka Idleman for the timely patches he implemented […]