Announcement

Collapse
No announcement yet.

Possible XSS and PHP Attack !

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Mark.B
    replied
    Not sure what you mean by 'filter'. There's no way to search for posts with HTML in them, if that's what you mean.

    HTML posting should only be enabled for administrators, if at all. Do not allow ordinary members to post HTML.

    Leave a comment:


  • Tobias Pohlmann
    replied
    How can i filter that XSS and PHP in the Mod Cp? Is it possible to filter it?

    Leave a comment:


  • Paul M
    replied
    As far as I can see, there isnt anything to fix, you were posting code in an announcement via the ACP, this is allowed by design, not something an ordinary member can exploit.

    Leave a comment:


  • Tobias Pohlmann
    started a topic Possible XSS and PHP Attack !

    Possible XSS and PHP Attack !

    Today i found on my Forum a possible XSS attack. I informed the user @Dominic

    Hope you will be able to fix it.
widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
Working...
X