Please upgrade here. These earlier versions are no longer being updated and have security issues.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.
bug report ? direct link permissions
hi
i disabled the ability of the users to view the profile pages but if a user knows the url he can call directly the page example :http://domain/forum/profile/edit
and he can change the values
i don't think that's ok
i disabled the ability of the users to view the profile pages but if a user knows the url he can call directly the page example :http://domain/forum/profile/edit
and he can change the values
i don't think that's ok
1
Comments