Support » Plugin: Mingle Forum » [Plugin: Mingle Forum] XSS exploit

Viewing 6 replies - 1 through 6 (of 6 total)
  • All I got was a “Page not found” message when attempting this.

    Tested on version :

    I think the previous version dont have this issue

    That’s interesting. Maybe the reason nothing happened on my site was because I had PHPIDS set up and it would have stopped anything like that regardless of where it was inputted. A moderator may want to look at this as well as contacting the author of the plugin.

    Moderator Jan Dembowski


    Brute Squad and Volunteer Moderator

    Can you provide more detail why you think it’s a problem with the plugin? I mean, where is the problem file?

    Looking at the log in trac (trac is your friend) I’m not seeing anything leap out at me. But it is early where I am and I’ve only had one cup of coffee so far. 😉

    Take a look at that second link in my post, if you can point out an issue that would help identify where/if there is a problem with the plugin.

    Edit: *Re-reads, sips more coffee* There may need to be a check inserted but can you reproduce the XSS steps more clearly?

    Moderator Ipstenu (Mika Epstein)


    🏳️‍🌈 Halfelf Rogue & Plugin Review Team Rep

    ATTIADONA – Please do not publicly post exploits like this.

    Email them to and contact the developer directory.

    Plugin Author cartpauj


    This fix will be in 1.0.34 of Mingle Forum.

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘[Plugin: Mingle Forum] XSS exploit’ is closed to new replies.