Previous Thread
Next Thread
Print Thread
Hop To
#264746 03/27/2021 8:51 AM
Joined: Mar 2021
Posts: 3
V
Stranger
OP Offline
Stranger
V
Joined: Mar 2021
Posts: 3
Hello!

Where is i can send information about security bug?

The Best Regards!

Vello

Last edited by vello123; 03/27/2021 8:52 AM.
vello123 #264747 03/27/2021 8:58 AM
Joined: Apr 2004
Posts: 1,837
Likes: 110
UBB.threads Developer
Offline
UBB.threads Developer
Joined: Apr 2004
Posts: 1,837
Likes: 110
Open a new trouble ticket if your license is current
https://www.ubbcentral.com/tickets/members.php?t=n

If you have an older version of UBB.threads, your security issue may have already been addressed. What version are you reporting for, and what is it related to?


Current developer of UBB.threads PHP Forum Software
Current Release: UBBT 7.7.5 // Work In Progress: soon
isaac @ id242.com // my forum @ CelicaHobby.com
vello123 #264748 03/27/2021 9:27 AM
Joined: Mar 2021
Posts: 3
V
Stranger
OP Offline
Stranger
V
Joined: Mar 2021
Posts: 3
Security Bug is here on forum.
This is reflected xss.
But i am not a member and i dont can create ticket.

Last edited by vello123; 03/27/2021 9:31 AM.
vello123 #264751 03/27/2021 12:15 PM
Joined: Dec 2003
Posts: 6,353
Likes: 51
Online Yawn
Joined: Dec 2003
Posts: 6,353
Likes: 51
What I understand with reflected xss is:
It is from allowing html submits from a user.

HTML submits can be allowed but it has never been endorsed to allow the general public to use.
This forum software allows the admin to not allow anyone to post using HTML except for the admin if desired.


Blue Man Group
There is no such thing as stupid questions. Just stupid answers
vello123 #264752 03/27/2021 12:19 PM
Joined: Dec 2003
Posts: 6,353
Likes: 51
Online Yawn
Joined: Dec 2003
Posts: 6,353
Likes: 51
BTW,
Your ip and email is reported as bad by stop forum spam.
I do not know why you were not blocked to begin with


Blue Man Group
There is no such thing as stupid questions. Just stupid answers
vello123 #264753 03/27/2021 4:06 PM
Joined: Mar 2021
Posts: 3
V
Stranger
OP Offline
Stranger
V
Joined: Mar 2021
Posts: 3
I allways thought the reflected xss was a bug. I wrote is here about xss, because I like research different forum software.
But ok, not problem.
ip? idk, I use vpn and etc.

vello123 #264754 03/27/2021 5:36 PM
Joined: Jun 2006
Posts: 16,063
Likes: 69
UBB.threads Developer
Offline
UBB.threads Developer
Joined: Jun 2006
Posts: 16,063
Likes: 69
We'll see about adding an additional filter if one doesn't already exist; but at best it looks like all you're going to get out of this is your own cookie information (which you can already use your browser to read or the UBB.threads clear cookies page) and have your own browser redirect you elsewhere.


I am a Web Development Contractor, I do not work for UBBCentral. I have provided free User to User Support since the beginning of these support forums.
Do you need Forum Install or Upgrade Services?
Forums: A Gardeners Forum, Scouters World
UBB.threads: UBBWiki, UBB Styles, UBB.Sitemaps
Longtime Supporter & Resident Post-A-Holic
VNC Web Services: Code Modifications, Upgrades, Styling, Coding Services, Disaster Recovery, and more!

Link Copied to Clipboard
ShoutChat
Comment Guidelines: Do post respectful and insightful comments. Don't flame, hate, spam.
Recent Topics
7.7.5 become member issue
by Ruben - 04/15/2021 10:06 AM
Gobal announcement replies.
by Ruben - 04/09/2021 1:46 PM
Strange parse error in faq.php
by Baldeagle - 04/06/2021 1:12 AM
Upgrading to 7.7.5: Error:
by BB - 04/02/2021 10:48 AM
Does UBB 7.7.5 support webp images
by Ruben - 03/27/2021 12:00 PM
Who's Online Now
3 members (auelboard, Ruben, 1 invisible), 45 guests, and 67 robots.
Key: Admin, Global Mod, Mod
Random Gallery Image
Latest Gallery Images
gallery test
gallery test
by Mors, September 23
Los Angeles
Los Angeles
by isaac, August 6
3D Creations
3D Creations
by JAISP, December 30
Artistic structures
Artistic structures
by isaac, August 29
Powered by UBB.threads™ PHP Forum Software 7.7.5