XSS bugs in my forum
By Belkacem Benaouda on Wednesday, 02 March 2016
Posted in General Issues
Likes 0
Views 549
Votes 0
I have a security issue the bbc editor in EasyDiscuss accept code html like this I think is a xss bug:

<script>alert('There are XSS in EasyDiscuss we should fix it asap');</script>

any suggestion how to fix this
Thanks for reported, can you try download my attached file and replace into JoomlaFolder\components\com_easydiscuss\helpers\helper.php and see how it goes?
Arlex Wong
·
Wednesday, 02 March 2016 13:20
·
0 Likes
·
0 Votes
·
0 Comments
·
note: I test fresh EasyDiscuss version with new joomla installation and the same problem
Belkacem Benaouda
·
Wednesday, 02 March 2016 06:51
·
0 Likes
·
0 Votes
·
0 Comments
·
Thanks, now work well
Belkacem Benaouda
·
Thursday, 03 March 2016 04:45
·
0 Likes
·
0 Votes
·
0 Comments
·
Hi there,

You are most welcome. Glad to hear that your issue has been resolved now.

As a gentle reminder, kindly start a new thread if you have any other issue in the future so it will be easier for us to manage your inquiry. I will lock and mark this thread as resolved.
Arlex Wong
·
Thursday, 03 March 2016 10:05
·
0 Likes
·
0 Votes
·
0 Comments
·
View Full Post