The security flaw could have allowed an attacker to access a logged-in session on user’s GNU MediaGoblin account, but only if the user didn’t login via a secure HTTP connection, or accessed his/her account on a public computer. However, even so, all MediaGoblin users are urged to update their installations as soon as possible to version 0.8.1.