Linc
AdminHackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.
Linc Admin
Options are papercuts.
Reactions
-
Re: recaptcha.net is down !
For reference, the newer English default text is: <strong>The basic registration form requires</strong> new users to use reCAPTCHA to keep spammers out of the site. You need an account at… (View Post)1 -
Critical security release: Vanilla 2.3.1
This upgrade includes: * A critical upgrade to the PHPMailer library to prevent remote code execution. * Mitigation of a medium-level exploit of the HTTP_HOST header. * Additional minor fixes I will … (View Post)6 -
Re: Critical security release: Vanilla 2.3.1
Yes. (View Post)1 -
Re: Critical security release: Vanilla 2.3.1
The endpoint /utility/update is canonical. I'm unclear why the /utility/upgrade alias is used in the docs and why it isn't functioning in 2.3, but the correct solution is always to use /utility/updat… (View Post)1 -
Re: Critical security release: Vanilla 2.3.1
The critical security flaw in PHPMailer was already not present in the 2.4 prerelease. If you are using 2.4a, you may continue doing so. To close the HTTP_HOST flaw if you're not sanitizing HTTP_HOST… (View Post)7