RSS feed privacy compliance

Editions: all
Versions: 4.2.8 - 4.3.5

It has been brought to our attention that unfortunately personal data is published in the RSS feeds of our software. Affected are the VIMP versions 4.2.8 to 4.3.5. In detail it concerns the e-mail address and the user name of the author of the corresponding contribution.

With VIMP 4.3.6 the author and thus all personal data was removed from the RSS feed.

We apologize for the inconvenience! We urgently recommend our customers, who still have one of the mentioned versions in use, to update to VIMP 4.3.6 or a newer version!

In the following we will explain how you can fix the problem in the affected VIMP versions yourself.

Edit file

lib/util/stToolkit.class.php

and remove the following line 592 (depending on the VIMP version the line number may differ):

$entry ->addChild('author', htmlspecialchars($item->getEmail().' ('.$item->getOwner().')', ENT_QUOTES));

 

Last update on 2021/04/27 by Admin.

Go back