Upgrade to version 2.6.1-pl3 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.
Vendor Specific News/Changelog Entry: http://sourceforge.net/project/shownotes.php?release_id=310122
Vendor Specific Advisory URL
Secunia Advisory ID:14599