News tricker bug - FIXED!

Niebieski

tibianus.org
Joined
Jan 29, 2010
Messages
273
Reaction score
7
Location
Poland
Hello! Today I want to show you, how to fix news tricker bug in many of gesior acc. The bug fixed by Kowol!

He made movie for people, who don't know this bug:
YouTube - News Tickers Bug

It is so-called XSS. By this attack we can e.g. make the redirection from the chief side ots.
To fix it, you've to go config/config.php and add this line:
$config['site']['access_tickers'] = 2;
I hope people will fix this bug as fast as they can, so noone can make this attack to them anymore.

Credits to Kowol
 

Jano

oturhaN
Joined
Feb 21, 2008
Messages
874
Reaction score
65
Location
Chile
@Kowol
oooh smart guy, god bless you for discovering this out rep +++++ you rox so much, i wonder how none noticed this before ...

.-.
 

AnarchGov

New Member
Joined
Oct 3, 2011
Messages
263
Reaction score
6
I think this may be a way to PREVENT the hack. However, i have the hack right now and this did not "fix" it. Sadly..
 
Top