Topic: Any vulnerability found?

[musicus]

A user in my forum has alerted me on it. Since it it is possible as a normal user to edit texts by other users. This error occurs, not always, but occasionally it happens that every normal user can manipulate text by other users.

All permissions are set correctly

Sorry my bad english

[K@]

The permission you want, isn't shown in either of your screenshots.

The one you want is "Modify posts", left-hand column, second from bottom.

[musicus]

Here is the lost part

[K@]

Weird.

This is a long-shot...

Do the members concerned belong in more than one membergroup, because of post-count groups?

Are they inheriting permissions from there?

If not, I'm stumped, I'm afraid.

[musicus]

 I have two extra Membergroups

Sponsor - normal Users, but they spend money for the server
Zerro - new users - 0-posters

[emanuele]

(almost) Nothing happen "randomly".

Here there is a pattern and I can see it by the half permission in your second picture: "Modify replies to own topics".

That permission gives the possibility to the member who start the topic to modify all the answers to that topic.

[musicus]

But this user who has alerted me to the error, belongs to none or groups mentioned above

[emanuele]

My post refers to your very first post and this image:

[musicus]

Is that better?

[emanuele]

Sorry, but no idea...
I don't speak German.

What I'm saying is that in the image I re-posted there is in the last half line selected the permission "Modify replies to own topics", remove that from any of your groups and the error should disappear.

[musicus]

sorry, now in english

[emanuele]

The permission I'm telling you to remove is not in that part, is a bit below.
You can simply remove the tick from the permission and save.

[musicus]

I hope thats right

[emanuele]

Now, if all your groups are set that way (in your first picture it doesn't seem to be the case) you should be fine.

[musicus]

Thank you for your help