YOURLS 1.7.4

We’ve just released a security patch for YOURLS, so everyone is advised to update when possible.

What’s new? We’ve hardened security. All prior versions of YOURLS, up to 1.7.3, can be abused in a way that allows a script kiddy malicious user to use your API by forging a valid timestamp, and add unwanted links to your shortener.

How to update? Same and as painless as usual: download the archive and overwrite all existing files. While you’re at it, backup your database, and tell your friends and family to update too!

Short URL to this post: http://yourls.org/ea