bitsalt.com
Security hole in tinyMCE plugin
One of my clients recently found out the hard way that there's a security hole in the tinybrowser plugin for tinyMCE. It's a quick fix if you're already using a session variable to manage authenticated users. But it's not necessarily a straightforward fix if your sessions are man