Reply to thread

Okay, I applied the patch and the situation got worse and turned into a more dangerous one! :LOL: lol


I've got these two users:


Before import

 

UserID: 38647

Username: "Leni"


UserID: 260394

Username: "Leni"


[ATTACH=full]178855[/ATTACH]



The second user is fake and trying to appear as the original user.


This is what happened after applying the patch and import


After Import:

UserID: 38647

Username: "Leni"


UserID: 260394

Username: "Leni"

[ATTACH=full]178854[/ATTACH]



As you can see, It trimmed out the &#XXX characters and made both usernames exact same. o_O

Is that even possible to have same name users in DB?

That would become a major security bug, wouldn't it?


Back
Top Bottom