Activity Stream
Quick Links
48,167 MEMBERS
6801 ONLINE
Register Now
besthostingforums On YouTube Subscribe to our Newsletter besthostingforums On Twitter besthostingforums On Facebook besthostingforums On facebook groups

Results 1 to 2 of 2
  1. 31st Dec 2011, 06:45 PM
        
    #1
    Loget is offline
    OP
    Loget
    Respected Member

    Default ChatBox Vulnerability

    It has come to my attention that the KWWHunction ChatBox is vulnerable to a CSRF attack.

    Moderators have been tricked into loading URL's that look like this:



    When such links are inserted into "IMG" tags within a post; a moderator will unknowingly ban the user from the ChatBox. In the past few minutes alone, myself and other members of staff have fallen victim to this attack (the links having made us ban ourselves).

    This makes it impossible to moderate the ChatBox effectively. It is therefore necessary to disable the ChatBox until further notice.

    Thank you.
    Loget Reviewed by Loget on . ChatBox Vulnerability It has come to my attention that the KWWHunction ChatBox is vulnerable to a CSRF attack. Moderators have been tricked into loading URL's that look like this: http://i.imgur.com/Ln4OC.png When such links are inserted into "IMG" tags within a post; a moderator will unknowingly ban the user from the ChatBox. In the past few minutes alone, myself and other members of staff have fallen victim to this attack (the links having made us ban ourselves). This makes it impossible to moderate the Rating: 5
    Reply With QuoteRegister To Reply Ping this articlePing

    2.   Sponsored Links

  2. 31st Dec 2011, 08:04 PM
        
    #2
    Loget is offline
    OP
    Loget
    Respected Member
    The issue has been temporarily fixed.
    Reply With QuoteRegister To Reply
« Previous Thread | Next Thread »

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Critical Vulnerability in Windows RDP
    By shahaz in forum Hosting Discussion
    Replies: 0
    Last Post: 15th Mar 2012, 10:32 AM
  2. Sborg's xss vulnerability
    By masterb56 in forum Server Management
    Replies: 5
    Last Post: 1st Sep 2011, 07:07 AM
  3. Heyy if chatbox is coming what is that am i banned from chatbox
    By nosmoking in forum General Discussion
    Replies: 1
    Last Post: 22nd Mar 2011, 05:41 AM
  4. [Hiring] Someone to do Comprehensive Vulnerability Tests
    By The90sKid in forum Completed Transactions
    Replies: 3
    Last Post: 30th Nov 2010, 04:15 AM
  5. Linux Kernel Vulnerability - Please Read
    By robert420 in forum News & Current Events
    Replies: 2
    Last Post: 23rd Sep 2010, 03:04 PM

Tags for this Thread

BE SOCIAL
FAQ | SITEMAP
Copyright ® 2008 - 2015 besthostingforums.com
Copyright © 2013 vBulletin Solutions, Inc. All rights reserved.
BestHostingForums.com is a great place to learn about Internet Marketing Online, SEO Techniques, Search Engine Marketing and resources for Web Development.