Bug or not?
Posted: Fri 4. Jun 2004, 11:06
Hi y'all,
I think I found a small security issue in the guestbook. Perhaps I am a bit late or someone else found it already but ok.
Everybody who has access to the guestbook can use all replacement tags in a message in the guestbook/commentspart. Is that on purpose or should it be more secure?
Anyone has an idea or comment?
Cheers!
I think I found a small security issue in the guestbook. Perhaps I am a bit late or someone else found it already but ok.
Everybody who has access to the guestbook can use all replacement tags in a message in the guestbook/commentspart. Is that on purpose or should it be more secure?
Anyone has an idea or comment?
Cheers!