Discussion in 'XenForo Pre-Sales Questions' started by mra0, Oct 27, 2010.
Does xenforo go through any type of external/3rd party security check?
what kind of third-party/external audit are you looking for?? Against XSS attacks? SQL Injections? An audit can go any number of ways.
A good company would have an array of audits to go through, remote testing, internal scanning, manually glancing over code, and running specialized softwares. etc.
At XenFans we've run a Google RatProxy for a month, while using the alpha, and found one issue which was due to jQuery converting things back in regards to html entities so xss was possible if you had moderator access with access to inline moderation, but that was it. Other reported things were all insignificant warnings.
I will dump the many gigabyte of data to a report.html soon since we stopped running it when beta2 came out. And mail it to Kier for review.
Separate names with a comma.