Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Try Vanilla Forums Cloud product

Feed Back to Vanilla Team - broken blog links and security flaw.

RiverRiver MVP
edited June 2016 in Feedback

all of the links to the blog in https://vanillaforums.com/resources/faqs appear to be broken and just go to the main blog page.

e.g. http://vanillaforums.com/blog/help/how-to-add-facebook-twitter-google-and-openid-to-your-community/

goes to http://vanillaforums.com/blog

http://vanillaforums.com/blog/help/implementing-jsconnect-single-signon-on/

goes to http://vanillaforums.com/blog

all of the subject go to the main page.

Is that your intention or are you aware?

regarding security flaw...

this plugin has been marked as a security vulnerabilty?

wouldn't it be wise to remove a plugin from the downloads area - add-ons if it allows XSS attacks? considering it is advisable to upgrade php and vanilla when security flaws are found. why upgrade vanilla if you can introduce a security issue with a plugin that has been identified to contain one and hasn't been updated.

https://vanillaforums.org/discussion/26973/remote-cross-site-scripting-xss-attack-vulnerability-in-firstlastnames-1-3-2-plugin

Pragmatism is all I have to offer. Avoiding the sidelines and providing centerline pro-tips.

BleistivtvrijvlinderShadowdare

Comments

Sign In or Register to comment.