Discuss Scratch
- Discussion Forums
- » Norsk
- » Test Post, plz ignore
- novice27b
1000+ posts
Test Post, plz ignore
Just testing some potential BBCode security issues, hopefully where nobody will see…
Last edited by novice27b (Dec. 9, 2016 22:54:44)
- novice27b
1000+ posts
Test Post, plz ignore
More test
Last edited by novice27b (Dec. 9, 2016 22:51:04)
- card100
1000+ posts
Test Post, plz ignore
First of all, you're taking advantage of another language. Second of all, the BBCode is VERY sandboxed.
- novice27b
1000+ posts
Test Post, plz ignore
It isn't sandboxed, it's a markup language. Its output is supposed to be syntactically valid HTML, although I found an exploitable bug which in this case could enable a 3rd party website to automatically force you to follow another Scratch user.
"First of all, you're taking advantage of another language. Second of all, the BBCode is VERY sandboxed."
I'm currently deciding whether to report to ST or DjangoBB first.
Last edited by novice27b (Dec. 17, 2016 17:46:37)