Hello, A vulnerability has been discovered in Mojolicious and Dancer recently, it has been fixed in both projects. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1589 Dancer provides a security patch for this issue in the last stable release: 1.3051 https://github.com/sukria/Dancer/blob/devel/CHANGES#L55 You are strongly adviced to upgrade any public website that is powered by a previous version of Dancer. For those of you who use the Debian package of Dancer, a security fix has been released as well: http://packages.qa.debian.org/libd/libdancer-perl/news/20110528T145222Z.html Regards, -- Alexis Sukrieh -+- Hackers gonna hack! “The problem with quotes on the Internet is that you can't always be sure of their authenticity.” -- Abraham Lincoln http://sukria.net http://twitter.com/sukria