[buddypress-trac] [BuddyPress] #2343: SECURITY RISK (internal): Forum posts are "promiscuous" and can be hacked by unauthorized users
buddypress-trac at lists.automattic.com
buddypress-trac at lists.automattic.com
Mon Apr 26 19:34:25 UTC 2010
#2343: SECURITY RISK (internal): Forum posts are "promiscuous" and can be hacked
by unauthorized users
----------------------+-----------------------------------------------------
Reporter: 3sixty | Owner:
Type: defect | Status: new
Priority: critical | Milestone: 1.2.4
Component: Forums | Keywords:
----------------------+-----------------------------------------------------
Comment(by 3sixty):
thanks, I came across this while coding a plugin.
I agree that the permalink will usually be hard to find, but now that the
bug is public, it makes me hesitant for reasons I don't want to further
describe. probably best to patch this one quickly. I can try to review the
core code, but I have no idea where to start on this one - is it a problem
at the bp "slug" level??
--
Ticket URL: <http://trac.buddypress.org/ticket/2343#comment:3>
BuddyPress <http://buddypress.org/>
BuddyPress
More information about the buddypress-trac
mailing list