MyBB Community Forums

MyBB Community Forums > Community Archive > Archived Forums > Archived Development and Support > MyBB 1.6 > 1.6 General Support > Security Issue
Full Version: Security Issue
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

Cazed1221

2012-06-22, 10:07 PM
Hello everyone, whilst editing my forum, I started with the Panel. After finishing up, I noticed that MyBB recognizes a security risk. This is the code: 
{$lang->welcome_back} <br />(<a href="{$mybb->settings['bburl']}/usercp.php"><strong>User CP</strong></a>{$modcplink}{$admincplink} &mdash; 
<a href="{$mybb->settings['bburl']}/member.php?action=logout&amp;logoutkey={$mybb->user['logoutkey']}">{$lang->welcome_logout}</a>)
<a href="{$mybb->settings['bburl']}/search.php?action=getnew">{$lang->welcome_newposts}</a> | <a href="{$mybb-settings['bburl']}/search.php action=getdaily">{$lang->welcome_todaysposts}</a> | <a href="{$mybb->settings['bburl']}/private.php">   {$lang->welcome_pms}</a> {$lang->welcome_pms_usage}
	
	<span class="links">
		<a href="#" onclick="MyBB.popupWindow('{$mybb->settings['bburl']}/misc.php?action=buddypopup', 'buddyList');"{$lang-             			>welcome_open_buddy_list}</a>
	</span>

Any help would be very helpful, thanks!

Tomm M

2012-06-22, 10:39 PM
Well you have a small problem here:

    <span class="links">
        <a href="#" onclick="MyBB.popupWindow('{$mybb->settings['bburl']}/misc.php?action=buddypopup', 'buddyList');"{$lang-                         >welcome_open_buddy_list}</a>
    </span>

Should be

    <span class="links">
        <a href="#" onclick="MyBB.popupWindow('{$mybb->settings['bburl']}/misc.php?action=buddypopup', 'buddyList');">{$lang->welcome_open_buddy_list}</a>
    </span>
MyBB Community Forums > Community Archive > Archived Forums > Archived Development and Support > MyBB 1.6 > 1.6 General Support > Security Issue