fbpx
Welcome, Guest
Username: Password: Remember me

TOPIC: Registrants are injecting html straight into their user name

Registrants are injecting html straight into their user name 7 months 7 hours ago #29104

  • blue_Shift
  • blue_Shift's Avatar
  • Offline
  • New Member
  • Posts: 2
  • Thank you received: 1
  • Karma: 0
It's just nuisance spam (so far) but this is a security hole that needs to be plugged right away.

Here's an example, exactly as they entered their username:
На Ваш счет доступен денежный подарок http://reklawnos.com/[email protected]
Last Edit: 7 months 7 hours ago by blue_Shift.
The administrator has disabled public write access.

Registrants are injecting html straight into their user name 6 months 3 weeks ago #29163

  • dankra
  • dankra's Avatar
  • Offline
  • Premium Member
  • Posts: 142
  • Thank you received: 5
  • Karma: 1
::following::
The administrator has disabled public write access.

Registrants are injecting html straight into their user name 6 months 3 weeks ago #29269

  • admin
  • admin's Avatar
  • Offline
  • Administrator
  • Posts: 4489
  • Thank you received: 647
  • Karma: 116
Hello,

This has been corrected in this commit,
github.com/joomdev/mod_registerlogin/com...c74341e6b3ad3591c9c4

Please download the latest zip from github (github.com/joomdev/mod_registerlogin/arc...efs/heads/master.zip) and it should work for you.

Thanks,
Chetan
Thank You,
If you like our support and products, tweet us at joomdev and let the world know about it.
The administrator has disabled public write access.
Moderators: chandandeep
Time to create page: 0.323 seconds
Cron Job Starts