[buddypress-trac] [BuddyPress] #2343: SECURITY RISK (internal): Forum posts are "promiscuous" and can be hacked by unauthorized users
buddypress-trac at lists.automattic.com
buddypress-trac at lists.automattic.com
Mon Apr 26 21:26:47 UTC 2010
#2343: SECURITY RISK (internal): Forum posts are "promiscuous" and can be hacked
by unauthorized users
----------------------+-----------------------------------------------------
Reporter: 3sixty | Owner:
Type: defect | Status: new
Priority: critical | Milestone: 1.2.4
Component: Forums | Keywords: has-patch, needs-testing
----------------------+-----------------------------------------------------
Comment(by boonebgorges):
jjj - Your patch didn't work for me on the most recent trunk.
$bp->groups->current_group->forum_id wasn't getting populated. I didn't
trace it all the way back, but could that be because bp_has_forum_topics
isn't getting called on the topic pages?
This new patch does a manual lookup of the groupmeta for forum_id instead.
--
Ticket URL: <https://trac.buddypress.org/ticket/2343#comment:7>
BuddyPress <http://buddypress.org/>
BuddyPress
More information about the buddypress-trac
mailing list