Read this


https://forum.reallusion.com/Topic172.aspx 		Print Topic | Close Window

By RKD - 18 Years Ago
Proof-of-concept to demonstrate a very basic phishing attempt. Might not work in all browsers, but well in FF. Can be deleted. Allowing to post HTML is a security risk.

EDIT: Script code removed. Though someone has quoted it. :rolleyes:
By RKD - 18 Years Ago
Another example (you need to login to view this):

EDIT: Script code removed, since logs show that Reallusion/mods have read the post.
By DELETED2 - 18 Years Ago
RKD (9/12/2007)
Proof-of-concept to demonstrate a very basic phishing attempt. Might not work in all browsers, but well in FF. Can be deleted. Allowing to post HTML is a security risk.

? Misleading!!!
Alowing to post some ADVANCED HTML is only a security risk if the dangerous tags and scripts are permitted.
Raw basic HTML for elements like tables is about as dangeous as a full stop and can do nothing more than draw a box!
Will this element be incorporated here???

By RKD - 18 Years Ago
Misleading? Lol, the above examples are quick and dirty. They only scratch the surface of how the site can be manipulated, user action monitored or cookies captured. There was annoying spam on the fold forum. Allowing HTML and other multimedia foofaraw might bring that to a new level in no time. Just my two cents.
By aknzrdude - 18 Years Ago
well all i know is that it got me - thanks for highlighting it RKD
By RKD - 18 Years Ago
aknzrdude (9/13/2007)
well all i know is that it got me - thanks for highlighting it RKD
Thank you. :)

Security is all the more important now that the forum accounts have been merged with the premium member accounts.