Fixed Inline moderation loophole: Moderators can move posts to threads they can't access

K

Kirby

Well-known member
Affected version
2.2.7 PL 1
A moderator that only has permissions
  • Use inline moderation on threads / posts
  • Manage (move, merge, etc.) any thread
can move posts from a normally visible thread to a deleted or moderated thread, effectively removing them from public view.

This doesn't seem like smth. that would be expected, especially as merging a normal and a deleted thread does not work.
 
Thank you for reporting this issue, it has now been resolved. We are aiming to include any changes that have been made in a future XF release (2.2.8).

Change log:
Prevent posts from being moved or copied to threads that a moderator cannot view
Click to expand...
There may be a delay before changes are rolled out to the XenForo Community.
 

Similar threads

K
Fixed Inline moderation action Unapprove threads does nothing when processing deleted threads
Replies
1
Views
793
XF Bug Bot
XF Bug Bot
K
Inline moderation deadlock situation
Replies
0
Views
644
Kirby
K
Stuart Wright
Do members treat 'normal' posts by moderators with more gravitas than they should do?
2
Replies
20
Views
2K
Paul B
Paul B
CivilWarTalk
  • Suggestion Suggestion
Lack of interest Option to Force a minimum of 2 moderators to review a queued thread, or post, before rejecting.
Replies
9
Views
988
BobHarbison
BobHarbison
Nulumia
Add-on A Look At The Upcoming Public Release of SEO & Index Tools
2 3
Replies
46
Views
10K
Forsaken
Forsaken
Top Bottom