JordanH
Well-known member
Not my job to do your research. However,That's a pretty big claim you're making there.. Can you link to an article discussing this..
https://theadminzone.com/threads/important-security-flaw-in-tapatalk.108618/
https://theadminzone.com/threads/warning-tapatalk-x-scripting-vulnerability.108455/
https://packetstormsecurity.com/files/126367/Tapatalk-Forum-Cross-Site-Scripting.html
https://web.archive.org/web/20140516040443/www.securelist.com/en/advisories/58348
Only to name a couple from a couple years ago. That was never the first, nor was it ever the last. The sad news there have been several vulnerabilities that the plugin seems to create. A lot of them being a X-scripting vulnerability.
Or SQl injections. Sometimes it will take them weeks to patch something. However, that is not the main reason. The main reason is because when they updated their plugin, they often don't even bother to inform any of their users, or administrators to update the plugin, nor let us know that there was a vulnerability, to begin with. Which is a big no-no for me. Chances are most forum owners who are running Tapatalk, probably do not know they are vulnerable.Cross-Site Scripting vulnerabilities allow a third party to manipulate the content or behaviour of a web application in a user's browser, without compromising the underlying system.
Cross-Site Scripting vulnerabilities are often used against specific users of a website to steal their credentials or to conduct spoofing attacks.
Hence why I don't even bother to provide my information on sites that use Tapatalk. Who knows if they are running a vulnerable version or not.
However, this thread isn't here to talk about Tapatalk. So feel free to research more on this topic yourself To get back to the main point, as I listed the pricing details of the site, the features that this app provides for $20/m is $40/m on Tapatalk.
Last edited: