Cilad awgeed markii la abaabulayay kaydinta nidaamka gudbinta nuxurka, marka la isku dayayo in la soo dejiyo mid ka mid ah shirarka maalin ka hor shalay siidaynta sixitaanka Dhismo horudhac ah oo aan ku jirin dhammaan hagaajinta. Dhib kaydka kaliya , shirka si sax ah loo qaybiyey.
Dhammaan isticmaalayaasha soo dejiyey faylka "Python-3.5.8.tar.xz" 12 saacadood ee ugu horreeya ka dib marka la sii daayo waxaa lagula talinayaa inay hubiyaan saxnaanta xogta la soo dejiyey iyagoo isticmaalaya checksum (MD5 4464517ed6044bca4fc78ea9ed086c36). Si ka duwan sii dayntii u dambaysay, nooca horudhac kuma jirin baylahda ee XML-RPC code server. Nuglaanta waxay ogolaatay cirbadeynta JavaScript (XSS) iyada oo loo marayo goobta server_title sababtoo ah la'aanta xagasha xagasha. Weeraryahanku wuxuu gaari karaa beddelka JavaScript haddii codsigu dejiyo magaca server-ka iyadoo lagu salaynayo gelinta isticmaalaha (tusaale, "server.set_server_name('test) β)Β»).
Source: opennet.ru