Please upgrade here. These earlier versions are no longer being updated and have security issues.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.
Security Issue: Saved sessions for banned users
We've recently discovered that while a banned user is not allowed to login, (s)he can still visit the direct link to his/her profile and post there, which of course shows up in the activity feed. I'm guess this is because their session is still open. Is this a known issue? Thanks.
1
Comments
Thanks!
Vanilla Forums COO [GitHub, Twitter, About.me]