A critical security issue has been discovered in the XML-RPC for PHP that most applications use, including b2evolution.
It is highly recommended you fix you installation by downloading this
patch file and unzipping it into you /blogs/b2evocore/ folder. This should overwrite the two following files:
This patch has been tested on the latest 0.9.0.12 "Amsterdam" release but is believed to work on all 0.9.0.x versions.
The patch will be included in future releases.