Breez Posted September 14, 2010 Share Posted September 14, 2010 Just wanted to give sugestion about small security issue you guys have, it's not great deal but still could do some damage.you have url links enabled in pm's they should be disabled so you cant hide a link inside the link WHat hacker can do is create whats called phishing page, what that does is lets hacker send you pm with his fake link inside telling you he might have issue with 1 of the posts please have a look at the link to see what Im talking about. now admin, mod, supermod any unlike person that does not know about phishing will end up clicking that link and having the passwords stolen from them.Its only small issue but... if he steals mods pass and sends pm using mod name admin or super mod will not suspect a thing. so best thing to do is disable html in pm's its not need it there any ways.But thats just my sugestion what you guys do is up to you.Good day Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now