No announcement yet.

Flash Vulnerability (Flash Origin Policy Issue)

  • Filter
  • Time
  • Show
Clear All
new posts

  • Flash Vulnerability (Flash Origin Policy Issue)

    ** exploitable flaw

    After reading this or this I would like to talk about ways we can mitigate this. Looks like forums that allow uploads could be a huge target. Is this something that the VB team can fix on the VB side? Other then disabling uploads what are some options to protect ourselves? Looks like a fix might be a long way off (facepalm)…

    Seems like a good fix for this would be to allow VB to accept a 2nd domain that can be used to host all the Avatars, Signatures, Pictures etc (even if it resolves to the same IP address)... For now I shut off all uploads.
widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.