Previous Thread
Next Thread
Print Thread
Hop To
#264746 03/27/2021 7:51 AM
Joined: Mar 2021
Posts: 3
V
Stranger
Stranger
V Offline
Joined: Mar 2021
Posts: 3
Hello!

Where is i can send information about security bug?

The Best Regards!

Vello

Last edited by vello123; 03/27/2021 7:52 AM.
vello123 #264747 03/27/2021 7:58 AM
Joined: Apr 2004
Posts: 1,944
Likes: 144
UBB.threads Developer
UBB.threads Developer
Joined: Apr 2004
Posts: 1,944
Likes: 144
Open a new trouble ticket if your license is current
https://www.ubbcentral.com/tickets/members.php?t=n

If you have an older version of UBB.threads, your security issue may have already been addressed. What version are you reporting for, and what is it related to?


Current developer of UBB.threads PHP Forum Software
Current Release: UBBT 7.7.5 // Preview: UBBT 8.0.0
isaac @ id242.com // my forum @ CelicaHobby.com
vello123 #264748 03/27/2021 8:27 AM
Joined: Mar 2021
Posts: 3
V
Stranger
Stranger
V Offline
Joined: Mar 2021
Posts: 3
Security Bug is here on forum.
This is reflected xss.
But i am not a member and i dont can create ticket.

Last edited by vello123; 03/27/2021 8:31 AM.
vello123 #264751 03/27/2021 11:15 AM
Joined: Dec 2003
Posts: 6,555
Likes: 76
Joined: Dec 2003
Posts: 6,555
Likes: 76
What I understand with reflected xss is:
It is from allowing html submits from a user.

HTML submits can be allowed but it has never been endorsed to allow the general public to use.
This forum software allows the admin to not allow anyone to post using HTML except for the admin if desired.


Blue Man Group
There is no such thing as stupid questions. Just stupid answers
vello123 #264752 03/27/2021 11:19 AM
Joined: Dec 2003
Posts: 6,555
Likes: 76
Joined: Dec 2003
Posts: 6,555
Likes: 76
BTW,
Your ip and email is reported as bad by stop forum spam.
I do not know why you were not blocked to begin with


Blue Man Group
There is no such thing as stupid questions. Just stupid answers
vello123 #264753 03/27/2021 3:06 PM
Joined: Mar 2021
Posts: 3
V
Stranger
Stranger
V Offline
Joined: Mar 2021
Posts: 3
I allways thought the reflected xss was a bug. I wrote is here about xss, because I like research different forum software.
But ok, not problem.
ip? idk, I use vpn and etc.

vello123 #264754 03/27/2021 4:36 PM
Joined: Jun 2006
Posts: 16,279
Likes: 114
UBB.threads Developer
UBB.threads Developer
Joined: Jun 2006
Posts: 16,279
Likes: 114
We'll see about adding an additional filter if one doesn't already exist; but at best it looks like all you're going to get out of this is your own cookie information (which you can already use your browser to read or the UBB.threads clear cookies page) and have your own browser redirect you elsewhere.


I am a Web Development Contractor, I do not work for UBBCentral. I have provided free User to User Support since the beginning of these support forums.
Do you need Forum Install or Upgrade Services?
Forums: A Gardeners Forum, Scouters World
UBB.threads: UBBWiki, UBB Styles, UBB.Sitemaps
Longtime Supporter & Resident Post-A-Holic
VNC Web Services: Code Modifications, Upgrades, Styling, Coding Services, Disaster Recovery, and more!

Link Copied to Clipboard
ShoutChat
Comment Guidelines: Do post respectful and insightful comments. Don't flame, hate, spam.
Recent Topics
Member Permissions Help
by domspeak - 02/27/2024 5:31 PM
Forum Privacy Policy
by ECNet - 02/26/2024 10:58 AM
search error on this site.
by Ruben - 02/24/2024 12:52 PM
UBB 20 Years button
by Morgan - 02/20/2024 4:21 PM
Attachment/Cloudflar
e issue

by Morgan - 02/15/2024 5:47 AM
Who's Online Now
1 members (Nightcrawler), 293 guests, and 392 robots.
Key: Admin, Global Mod, Mod
Random Gallery Image
Latest Gallery Images
Los Angeles
Los Angeles
by isaac, August 6
3D Creations
3D Creations
by JAISP, December 30
Artistic structures
Artistic structures
by isaac, August 29
Stones
Stones
by isaac, August 19
Powered by UBB.threads™ PHP Forum Software 8.0.0
(Preview build 20230217)