Closed
Bug 462535
Opened 17 years ago
Closed 17 years ago
Check QMO2 for Security Problems - redirected to a 3rd party site on a blog post
Categories
(mozilla.org Graveyard :: Server Operations, task)
Tracking
(Not tracked)
VERIFIED
WORKSFORME
People
(Reporter: cbook, Unassigned)
Details
Hi, earlier today i created a Blog Post for the new QMO Page. When you go click now (when you are logged-in) on the Read More Link, its redirecting you to a dangerous 3rd Party Site..
This does not happen when you are not logged in.
The Blogpost is http://quality.mozilla.org/blogs/tomcat/qmo2-beta-and-things-we-are-working-right-now
Is QMO2 hacked ?
|
||
Comment 1•17 years ago
|
||
I can't find the read more link @ http://quality.mozilla.org/blogs/tomcat/qmo2-beta-and-things-we-are-working-right-now
|
||
Comment 2•17 years ago
|
||
It's here:
http://quality.mozilla.org/blogs/tomcat
|
|
||
Comment 3•17 years ago
|
||
closing this bug... it's not a security issue. we had a few problems:
1. input format default was "full html", so someone managed to leave a comment that must have had a redirect in it.
2. comments that are in the approval queue show up for admins (Tomcat and I), so when loading the blog post, they were being rendered (and redirected)... but normal users would not have seen it.
3. there is no issue with the comments being moderated... they are not being published by default for visitors, so we are ok there.
oremj: there are other QMO issues that I would appreciate help with, so don't worry about this one.
Status: NEW → RESOLVED
Closed: 17 years ago
Resolution: --- → WORKSFORME
|
||
Updated•11 years ago
|
Product: mozilla.org → mozilla.org Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•