Jump to content

Security Problem on the "Share this link via Email" Page


IPBSupport.de

Recommended Posts

The

index.php?app=forums&module=extras&section=forward&url=TOPICURL



Page (Share this link via Email) need a Captcha!

At the moment the form abused by Spambots to send Spam from the forum. Hope IPS will fix it ASAP (highly recommended at 3.1.2). :ph34r:

Here a Screenshot of a Spammail (see the message between the failure notice message):

post-145138-072825300 1278275812_thumb.p

Link to comment
Share on other sites

Given the immediate abuse potential (which can get a site's emails blacklisted hurting valid registration emails) can we get a patch for this? Also if the facebook login css/skin (overflow with custom fields) error has been fixed can that be added too? :)

Link to comment
Share on other sites

We are focusing heavily on getting 3.1.2 wrapped up and ready for release. That means we don't exactly have enough time write not to be releasing piece-meal patches (and I suspect this patch isn't just a couple of lines of code in one file either), but instead are trying to get the entire release ready for everyone as soon as possible. :)

Link to comment
Share on other sites

  • 7 months later...

Was this change made and distributed? Because I still have the issue.

I'd rather have a choice of captcha and questions -- and certainly I'd like to shut it off for guests and other groups (e.g. banned).

I've had this actively exploited.

Link to comment
Share on other sites


Was this change made and distributed? Because I still have the issue.



I'd rather have a choice of captcha and questions -- and certainly I'd like to shut it off for guests and other groups (e.g. banned).



I've had this actively exploited.



If it's a problem for you, just disable it. I'd like to know how many people actually use that button anyway. If I want to share a thread with a friend, a "real" email telling them about it is a lot more personal than some forum-generated "Look at this!" message.
Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...