MyBB Community Forums

MyBB Community Forums > Community Archive > Archived Forums > Archived Development and Support > MyBB 1.2 Series > MyBB 1.2 General Support > RSS Exploit
Full Version: RSS Exploit
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

AppleJustworks

2005-10-18, 06:51 PM
One of my team members has pointed out that there is a an RSS Exploit in MyBB PR2. One of my forums, which only allows several User Groups to view it at all (other groups have No Access at all, can't even see it's existence), when given it's RSS URL, all user groups (including not logged in )can have fully read access to it by the RSS. (when they click the Read More, they get the error, but from the RSS page, they can actually see the posts).

Peter

2005-11-02, 04:35 PM
What is the RSS URL that allows for this effect? Please obfuscate addresses so that people will be able to read stuff on your website. However, I do need the arguments given in the URL to determine where things went wrong.

Chris Boulton

2005-11-22, 03:37 AM
Due to a lack of response, i'm moving this bug report.

If anybody else is experiencing a similar problem, please let us know.
MyBB Community Forums > Community Archive > Archived Forums > Archived Development and Support > MyBB 1.2 Series > MyBB 1.2 General Support > RSS Exploit