[buddypress-trac] [BuddyPress] #2343: SECURITY RISK (internal): Forum posts are "promiscuous" and can be hacked by unauthorized users
buddypress-trac at lists.automattic.com
buddypress-trac at lists.automattic.com
Mon Apr 26 21:55:54 UTC 2010
#2343: SECURITY RISK (internal): Forum posts are "promiscuous" and can be hacked
by unauthorized users
----------------------+-----------------------------------------------------
Reporter: 3sixty | Owner:
Type: defect | Status: new
Priority: critical | Milestone: 1.2.4
Component: Forums | Keywords: has-patch, needs-testing
----------------------+-----------------------------------------------------
Comment(by johnjamesjacoby):
This solution works to prevent the bug, but for core we need to take into
account situations where groups might not be turned on and forums might be
using other components.
There are only a few functions where these two components are required to
talk to each other, and its best to keep that to a minimum if we can.
Getting closer.
--
Ticket URL: <http://trac.buddypress.org/ticket/2343#comment:8>
BuddyPress <http://buddypress.org/>
BuddyPress
More information about the buddypress-trac
mailing list