Really, not sure how I missed this when I first coded that section. The bug allowed to view ANY forum, including the staff lounge. Topics themselves could not be read though, but topic titles could be seen. There was also a forum that was not added in as being private so I fixed that too.
Archived topic from Iceteks, old topic ID:4223, old post ID:34237
fixed huge security flaw in archive
-
Red Squirrel
- Posts: 29209
- Joined: Wed Dec 18, 2002 12:14 am
- Location: Northern Ontario
- Contact:
fixed huge security flaw in archive
Honk if you love Jesus, text if you want to meet Him!
-
Triple6_wild
- Posts: 1389
- Joined: Sat Sep 06, 2003 5:58 pm
fixed huge security flaw in archive
whoa that was fast lol
tho it may take a while to clear google's cashe ^^
Archived topic from Iceteks, old topic ID:4223, old post ID:34241
tho it may take a while to clear google's cashe ^^
Archived topic from Iceteks, old topic ID:4223, old post ID:34241
Wait what?
-
Red Squirrel
- Posts: 29209
- Joined: Wed Dec 18, 2002 12:14 am
- Location: Northern Ontario
- Contact:
fixed huge security flaw in archive
Yeah that may be a problem, but at least the only thing that was visible is titles and not the thread content. Funny that I thought of securing that but not the rest, though.
Archived topic from Iceteks, old topic ID:4223, old post ID:34244
Archived topic from Iceteks, old topic ID:4223, old post ID:34244
Honk if you love Jesus, text if you want to meet Him!