External Security Check

mra0 · Oct 27, 2010

Does xenforo go through any type of external/3rd party security check?

ManagerJosh · Oct 27, 2010

what kind of third-party/external audit are you looking for?? Against XSS attacks? SQL Injections? An audit can go any number of ways.

Floris · Oct 29, 2010

ManagerJosh said:
what kind of third-party/external audit are you looking for?? Against XSS attacks? SQL Injections? An audit can go any number of ways.

A good company would have an array of audits to go through, remote testing, internal scanning, manually glancing over code, and running specialized softwares. etc.

At XenFans we've run a Google RatProxy for a month, while using the alpha, and found one issue which was due to jQuery converting things back in regards to html entities so xss was possible if you had moderator access with access to inline moderation, but that was it. Other reported things were all insignificant warnings.

I will dump the many gigabyte of data to a report.html soon since we stopped running it when beta2 came out. And mail it to Kier for review.

External Security Check

mra0

Member

ManagerJosh

Well-known member

Floris

Guest

Similar threads

We value your privacy