Welcome to Geeklog Wednesday, April 23 2014 @ 06:12 PM EDT
MustLive pointed out a possible XSS in the form to email an article to a friend that we're fixing with this release.
Please note that this problem only exists in Geeklog 1.4.0 - neither Geeklog 1.4.1 nor any older versions (1.3.x series) have that problem.
Upgrades should be straightforward, as you only have to replace one file. Since security issues are often exploited soon after they become public, you should install this upgrade as soon as possible.