General Community > Site Comments, Issues and Concerns

UNKNOW !plz check your email box ,i have send you a bug report


about XSS vuln in SMF

Would you mind sending it to me too - I am also a developer here.


Daniel D.:
Post it in the Bug Board?

What do you mean Daniel? This is the Bug Board!

Obviously if there is a vulnerbility we'd want it posted privately and not on the forum :)

I'm interested to see if this is a problem as all input to SMF is well checked for injections and the like so I'm not sure where the problem could lie - but never say never :D

Well, yeah, I guess it is one but it's a "very scary" javascript one. (but you can't do hardly anything with it.)  I'd have to be trying to hack myself to let it happen to me, most people just aren't that stupid.

It doesn't matter though.  I've fixed it and it will be coming next release, but it's nothing to get worried over.

This is site bug reports.  But, post any exploit big or small and I will ban you for a few days at the very least.



[0] Message Index

Go to full version