topkurs2
Guest
Member
Hello.
Just found some small, but unpleasant bugor feature?
When using IMG tag, manually we can add in this tag any url, any info, not only image.
I mean
Code:
or
Code:
All these tags are parsing by Xenforo in such way:
It's very unsecure. This opens the possibility for attacks, -Redacted-, disclosure of IP address...
Read more
Continue reading...
Just found some small, but unpleasant bug
When using IMG tag, manually we can add in this tag any url, any info, not only image.
I mean
Code:
[img]http://google.com[/img]or
Code:
[img]http://127.0.0.1[/img]All these tags are parsing by Xenforo in such way:
It's very unsecure. This opens the possibility for attacks, -Redacted-, disclosure of IP address...
Read more
Continue reading...
