[imc-sf-active] Dangerous Refresh content on comments
Emmanuel Paulus
epaulus at inbox.com
Sun Sep 24 13:18:03 PDT 2006
Libertinus schreef op 23-9-2006 18:28:
> in the uruguayan site they make the same but didn't work
>
> the meta tag non work and its an old version
>
There is a security path a few months ago who solved the problem.
Spammers now use another related backdoor by placing a <a> tag in the title.
This don't give something wrong but is confusing in the overview and so.
For IMC Antwerpen i change the spam class to refuse all html in the title.
I placed the span check also in the calender.
for who is intrested, the modified files: (check against your version,
some code is changed for other purposes)
http://antwerpen.indymedia.org/test/modified_for_spam.zip
greetings,
Emmanuel
More information about the imc-sf-active
mailing list