Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Website Issues
08-23-2015, 11:19 AM, (This post was last modified: 08-25-2015, 05:51 AM by skeight.)
#1
Posts: 13
Threads: 5
Joined: Apr 2014
Reputation: 1
Website Issues
EndenDragon Offline YT: TheCraftedDragon View worlds
*
I have no idea where to put this- so I'm putting it here.

Over the years I have studied HTML and remembered the infamous youtube comment injection. So in an effort to see if Minecraft World Map has any flaws, I managed to upload a few test worlds and added html codes into the "Sponsored URL" box.

But before I did that, I did a bit of research and view the source of the Canterlot map I have uploaded and see how the sponsered download works. Command+F and a search of the word "Download" made me found this line of code.

[EDIT]

Please keep in mind- I am just testing to see the flaw, not inject the site with malicious code.

Please fix the issue as if anyone else who does it- they might actually set malicious code into the website and people can get viruses from them.
Quote
08-24-2015, 11:29 PM, (This post was last modified: 08-24-2015, 11:32 PM by Nathangorr.)
#2
Posts: 823
Threads: 24
Joined: Apr 2012
Reputation: 39
RE: Website Issues
Nathangorr Offline Premium View worlds
***
Thank you for this report, I'm going to email Skeight about this now.
Quote
08-25-2015, 05:53 AM,
#3
Posts: 1,173
Threads: 117
Joined: Feb 2011
Reputation: 48
RE: Website Issues
skeight Offline Administrator View worlds
********
Much appreciated for letting me know about it, I'll have a look. I edited your post so we're not telling everyone how to do it.
Quote


Forum Jump:


Users browsing this thread: 1 Guest(s)