Crackpot.756: Could this also be done with the quick reply option added by Barefoot Essentials or is that safe?
o.o


Breja: No, apparently he thought that pointing the security issue to the whole world makes way more sense :D
Honestly, it kinda does. This pretty much forces them to do something unless they really give no shits.
tinyE: The OP once claimed that I was a severe threat and claimed that I had ordered a group of people to intentionally spam delete any post I disagreed with, via a script, in an attempt to take over the forum.
Oh, please... everyone knows your true identity by now, Keyser Söze!

tinyE: Ever since then I've learned not to take his warnings very seriously. :P
He does have a point now though. I tend to log out and back in frequently though, so I'm not too worried.
Breja: No, apparently he thought that pointing the security issue to the whole world makes way more sense :D
Crackpot.756: Honestly, it kinda does. This pretty much forces them to do something unless they really give no shits.
Maybe if he first informed GOG, waited for them to take action, and only did this as a last resort after they obviously ignored his warning. But as plan A this just sucks.
Breja: waited for them to take action
Heh. Okay.
Let me guess.

You can attach JS code?
high rated
> Have you reported the issue to GOG staff?

I have. In the past. Many times. Nothing was ever done.

This time around I also don't expect any action on their part. My goal is to warn the users. I just decided to look into this issue today (prompted by the "91" debacle) and found it right away. If someone was looking for vulnerabilities on purpose and with a malicious goal in mind, they'd have found this a looooong time ago.

So yea, informing GOG is useless. I'd much rather let you know.
Post edited August 25, 2017 by Alaric.us
Scary...
I assume copying text and putting it in the "quote_x" "/quote" brackets while using the "new post" option is safe, right?
> I assume copying text and putting it in the "quote_x" "/quote" brackets while using the "new post" option is safe, right?

Should be safe. If you use {quote}{/quote} but with square brackets you probably won't get the name of the person you are quoting. If you note the number of their post and do {quote_22}{/quote} you'll get the regular quote with their avatar.
Frozen: Scary...
Frozen:
Frozen: I assume copying text and putting it in the "quote_x" "/quote" brackets while using the "new post" option is safe, right?
Yes.
It's only the buttons that can be dangerous (the author is essentially creating new fake ones by injecting javascript).
> It's only the buttons that can be dangerous

Incorrect. The very act of clicking on the reply button will execute code. The fake buttons are just to demonstrate what can be done. Notice that if you hit reply to my original post, an alert message will be displayed before you ever see the buttons.
Yes. By "buttons" I meant Reply button as well.
A quick and easy partial fix which breaks OP's exploit would be to disallow any post that contains </textarea>. Just like they did for +91. Just saying.

But to be honest they really should properly escape everything, I'm quite surprised that's currently not the case.
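
The difference between the `</textarea>` blocklist and escaping on output, as an added example that is not part of any post in this thread and is not GOG's code. The form template, the function names and the sample posts are assumptions constructed for illustration:

```javascript
// Added illustration; the form template and all names are assumptions.
const ENTITIES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Escape on output. Inside <textarea> the browser decodes these entities,
// so the person replying still sees and edits the original characters.
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => ENTITIES[ch]);
}

// Pattern the thread describes: stored post text pasted into the reply box as-is.
function renderReplyFormRaw(postNumber, postText) {
  return '<form><textarea name="reply">[quote_' + Number(postNumber) + ']' +
    postText + '[/quote]</textarea><button>Post</button></form>';
}

// Same template with the post text escaped.
function renderReplyFormEscaped(postNumber, postText) {
  return '<form><textarea name="reply">[quote_' + Number(postNumber) + ']' +
    escapeHtml(postText) + '[/quote]</textarea><button>Post</button></form>';
}

// The partial fix suggested above: refuse posts containing the literal string.
function blocklistAccepts(postText) {
  return !postText.includes('</textarea>');
}

// A well-formed reply form has exactly one textarea end tag, the template's own.
// HTML tag names are case-insensitive, so count them that way.
function textareaEndTags(html) {
  return (html.match(/<\/textarea/gi) || []).length;
}

// Constructed sample posts containing harmless markup only.
const SAMPLES = [
  'I agree with this.',
  'Hi</textarea><b>markup outside the box</b>',
  'Hi</TEXTAREA><b>markup outside the box</b>',
];

function audit(postText) {
  return {
    blocklistAccepts: blocklistAccepts(postText),
    rawEndTags: textareaEndTags(renderReplyFormRaw(22, postText)),
    escapedEndTags: textareaEndTags(renderReplyFormEscaped(22, postText)),
  };
}

for (const post of SAMPLES) console.log(JSON.stringify(post), audit(post));
```

The third sample passes the literal-string blocklist yet still closes the reply box early when rendered raw, while the escaped form keeps a single end tag for every input.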
low rated
Obligatory Aliens reference.
WinterSnowfall: I'm quite surprised that's currently not the case.
I'm not.
Munchausen by proxy? lol