MyBB Community Forums

Full Version: Restrict ACP session-related cookie path to admin directory
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
As the ACP security bug hunt is on, the path of the cookies related to the ACP session should be set only to the admin directory, so they are not accessible on other parts of the forum.
Definitely agreed.
Agree - it should be in a pack of security improvements for 1.8.3
+1 from me.
Thank you, I'll create a GH issue for 1.8.4
(2014-11-22, 09:06 PM)Pirata Nervo Wrote: [ -> ]Thank you, I'll create a GH issue for 1.8.4

Thank you for this.