ZFGC

ZFGC.com => Feedback => Topic started by: thestig on December 24, 2012, 12:06:22 am

Title: Unclear usability issues / session hijack bug
Post by: thestig on December 24, 2012, 12:06:22 am

http://zfgc.com/index.php/resources/items/view/41
^ Moderation actions are still exposed upon drawing resource entries.

Its also possible to trick the CMS into thinking that you're another user by overriding the session id with an existing one that can match up with a user with higher-access privileges on the forum.

Contact Us | Legal | Advertise Here
2013 © ZFGC, All Rights Reserved