Possible XSS and PHP Attack !

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • Tobias Pohlmann
    New Member
    • Sep 2012
    • 16

    Possible XSS and PHP Attack !

    Today i found on my Forum a possible XSS attack. I informed the user @Dominic

    Hope you will be able to fix it.
  • Paul M
    Former Lead Developer
    vB.Com & vB.Org
    • Sep 2004
    • 9886

    #2
    As far as I can see, there isnt anything to fix, you were posting code in an announcement via the ACP, this is allowed by design, not something an ordinary member can exploit.
    Baby, I was born this way

    Comment

    • Tobias Pohlmann
      New Member
      • Sep 2012
      • 16

      #3
      How can i filter that XSS and PHP in the Mod Cp? Is it possible to filter it?

      Comment

      • Mark.B
        vBulletin Support
        • Feb 2004
        • 24286
        • 6.0.X

        #4
        Not sure what you mean by 'filter'. There's no way to search for posts with HTML in them, if that's what you mean.

        HTML posting should only be enabled for administrators, if at all. Do not allow ordinary members to post HTML.
        MARK.B
        vBulletin Support
        ------------
        My Unofficial vBulletin 6.0.0 Demo: https://www.talknewsuk.com
        My Unofficial vBulletin Cloud Demo: https://www.adminammo.com

        Comment

        widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
        Working...