Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | Two more XSS bugs fixed one in the !post and one in !skincookie processing. Thanks to the hxp CTF contest and Zeyu solution. :) |
|---|---|
| Downloads: | See separate download page |
| Timelines: | family | ancestors | descendants | both | banhammer |
| Files: | files | file ages | folders |
| SHA1: |
7dfa4f56b473f76cbdafbf2ebf3fe7d7 |
| User & Date: | johnfound 2023-03-13 20:08:57.141 |
| Original Comment: | Two more XSS bugs fixed one in the !post and one in !skincookie processing. Thanks to the hxp CTF context and Zeyu solution. :) |
Context
|
2023-03-13
| ||
| 22:45:13 | Well, another XSS fixes. Thanks to sisu. It is the same bug with TSpecialParams.page_title, but on another places in the code. check-in: 5d3ac9a4b1 user: johnfound tags: banhammer | |
| 20:08:57 | Two more XSS bugs fixed one in the !post and one in !skincookie processing. Thanks to the hxp CTF contest and Zeyu solution. :) check-in: 7dfa4f56b4 user: johnfound tags: banhammer | |
| 12:11:48 | Fixed XSS bug in the chat backend. Fixed 2 more XSS bugs, but in FreshLibDev. Update the library! check-in: 32430196f6 user: johnfound tags: banhammer | |
Changes
Changes to source/post.asm.
Changes to source/userinfo.asm.