Bug or not?

Use GitHub to post bug reports and error descriptions for phpwcms. Describe your problem detailed!
Locked
DrubusCulubus
Posts: 47
Joined: Sat 10. Apr 2004, 12:53
Location: NL

Bug or not?

Post by DrubusCulubus »

Hi y'all,

I think I found a small security issue in the guestbook. Perhaps I am a bit late or someone else found it already but ok.

Everybody who has access to the guestbook can use all replacement tags in a message in the guestbook/commentspart. Is that on purpose or should it be more secure?

Anyone has an idea or comment?

Cheers!
http://qoala.nl - Nieuws om op te reageren!
Top
User avatar
Oliver Georgi
Site Admin
Posts: 9913
Joined: Fri 3. Oct 2003, 22:22
Contact:
Contact Oliver Georgi

Post by Oliver Georgi »

New release has a fix for it. No PHP possible.

Oliver
Oliver Georgi | phpwcms Developer | GitHub | LinkedIn | Систрон
Top
DrubusCulubus
Posts: 47
Joined: Sat 10. Apr 2004, 12:53
Location: NL

Post by DrubusCulubus »

Thanks Oliver! I'll try it out a.s.a.p.!

Cheers!
http://qoala.nl - Nieuws om op te reageren!
Top
Locked

Return to “phpwcms Bug Reports”