xss
-
Not a bug A serious vulnerability related to the implementation of the code on js.
Hi, recently, I found an XSS vulnerability on one of the Russian-language forums. After several hours of research, the following was clear: 1. The forum where this vulnerability was noticed did not filter href. Therefore, it was possible to substitute the following script...- DEDinPALTO
- Thread
- alert javascript xss
- Replies: 1
- Forum: Resolved bug reports
-
Content Security Policy (CSP) for XenForo 2.2
Hi Everyone ! Though there're several thread on this, but I couldn't figure out any appropriate one for latest XF 2.2 release . So, could anyone provide information on how to configure CSP with latest XF ? (for additional info: I'm using cloudflare & adsense) .- JasonBrody
- Thread
- .htaccess adsense apache cloudflare content security policy csp firewall htaccess security xss
- Replies: 1
- Forum: Server configuration and hosting
-
CSS Continues to mess up and puts website in an unusable state.
The URL to our website is: https://hytrade.org/ and before we get into the issues, here is what the website should look like. The problems started just last Sunday where the website suddenly goes into an unusable state where it is both impracticable and not presentable. It is very important...- Wizry
- Thread
- help problem xss
- Replies: 4
- Forum: Server configuration and hosting