This has been fixed. A CA certificate bundle is now included in the build for curl to check against when connecting to SSL enabled URLs, so there'll be no more certificate errors even if a default CA certificate bundle isn't available on the server. Also, user inputs are sanitized, the code posted there are from an older version of Sendy. Thanks for the heads up.