Updates Security Update

Discussion in 'Announcements' started by wedgar, Sep 16, 2014.

  1. wedgar

    wedgar Administrator Staff Member Gold Member

    A cross site request forgery (CSRF) issue has been identified in module of the software our forum uses. This issue may allow an attacker to make requests and carry out actions as one of your members.

    The notice was released today and we have updated our forum today as well.
     
    W.T. Jones likes this.
  2. W.T. Jones

    W.T. Jones Moderator Staff Member Silver Member Golden GPS Recipient AtlDiv EPA Leader AtlDiv ARES Member

    Cross Site Scripting Attacks! Yahoo! And I don't mean the company.

    Nasty for the user but profitable for the attacker.

    Good job on the fast update of the software...
     
    wedgar likes this.
  3. wedgar

    wedgar Administrator Staff Member Gold Member

    It is an obligation to keep sites as secure as possible. The software authors for this forum have an outstanding reputation on security which is one of the reasons we are using this software.

    Thanks!
     
    W.T. Jones likes this.
  4. W.T. Jones

    W.T. Jones Moderator Staff Member Silver Member Golden GPS Recipient AtlDiv EPA Leader AtlDiv ARES Member

    If more Internet Users were as responsible as you and the software authors are then the Internet would be a better place.

    Right now it is like doing business in a bad neighborhood.
     
    wedgar likes this.
  5. wedgar

    wedgar Administrator Staff Member Gold Member

    Thanks! I want a safe friendly place for people to gather.

    And I KNOW what I take into a bad neighborhood! :whistle:
     
  6. W.T. Jones

    W.T. Jones Moderator Staff Member Silver Member Golden GPS Recipient AtlDiv EPA Leader AtlDiv ARES Member

    wedgar likes this.
  7. wedgar

    wedgar Administrator Staff Member Gold Member

    Outstanding! About time.

    We've got some aggressive protection for the forum's registration process. The bad guys are constantly trying to get in and spam advertise their stuff and I can see the number of attempts (many each day).

    To date, no speaker had been able to get in.
     
  8. W.T. Jones

    W.T. Jones Moderator Staff Member Silver Member Golden GPS Recipient AtlDiv EPA Leader AtlDiv ARES Member

    Keep up the good work. Nothing will ruin the forum like lousy advertising. I won't call it Spam because I have too much respect for the Hormel Company.
     
    wedgar likes this.

Share This Page