Unfortunately no one can be told what FluxBB is - you have to see it for yourself.
You are not logged in. Please login or register.
FluxBB.org Forums » General discussion » Which one is the real?
http://fluxbb.org/trac/changeset/733
Fixed an XSS vulnerability, reported by Patrick.
http://punbb.informer.com/forums/topic/20392/punbb-131/
XSS vulnerability via topic subjects in moderate.php is fixed (reported by PHPLizardo).
It was reported to us by Patrick. So that's who we mentioned.
Who found it first?
Does it matter?
I want to realize who copied who.
It really doesn't matter at all does it?
All that matters is that someone found a bug and its fixed.
Look at the dates. And what does it matter indeed?
Bloody hell, some people can be silly.
I want to realize who copied who.
Technically no one. These software share a good part of the code so they share bugs as well. Take it as the bug reported under GPL licence. 
Technically no one. These software share a good part of the code so they share bugs as well. Take it as the bug reported under GPL licence.
Sharing is caring! 
Nice, I'll make another rhyme.
File sharing is true caring; choose not to pay, choose Piratebay!
...Yea, I know. My poet skills are lousy, 
Anyway, wtf? Well, as long as a suspected/identified problem is solved, it is enough for me. Thanks to the those responsible for it tho.
Last edited by Gotipe (2008-11-29 18:21:03)
Since we are in the general discussion section I will take the chance on asking this loosely related question:
Does XSS means unparsed "<script>" tags or is there more to it than that?
XSS means "Cross Site Scripting".
It is basically inserting malicious code with data that is normally inserted, so, yes, most the time it means <script> tags so that the end user doesn't even notice it.
I am familiar with the term, I was just asking if there is any kind of vulnerability beyond output of unparsed <script> tags.
Like, 'XSS' is used as if it would be a kind of vulnerability when apparently it can only be one thing...
An XSS vulnerability is a cross site scripting vulnerability. The Wikipedia entry does a good job of talking about different "types" of XSS vulnerabilities (Types 1/2 are what you usually see).
http://en.wikipedia.org/wiki/Cross-site_scripting
The exploits do not have to involve Javascript but usually do because they're simplest. I mean, I can craft a custom form that looks just like a login box in an attempt to phish for login details, but why bother when I can use Javascript to almost undetectably steal your cookie and log in that way?
FluxBB.org Forums » General discussion » Which one is the real?
Powered by FluxBB
[ Generated in 0.026 seconds, 9 queries executed ]