ccenter: security vulnerability
The security vulnerability is readable comment via comment_new.php or comment_edit.php.
You can check it, send form and add comment by guest or normal user(not admin) and rewrite com_itemid/com_id in url and that can not read other threads is collect work.
(Source from the main-dev, thanks to Nobuhiro-san for info.)
You can check it, send form and add comment by guest or normal user(not admin) and rewrite com_itemid/com_id in url and that can not read other threads is collect work.
(Source from the main-dev, thanks to Nobuhiro-san for info.)
Leave a comment