Closed progval closed 10 years ago
Hi,
Arbitrary code can be ran through the eval() calls in https://github.com/moztw/forum/blob/master/includes/openid/common.php (last line) and https://github.com/moztw/forum/blob/master/includes/openid/auth.php
Regards, Valentin
@ProgVal Thanks. We fixed it.
appleboy
commented
10 years ago appleboy
commented
10 years ago
Hi,
Arbitrary code can be ran through the eval() calls in https://github.com/moztw/forum/blob/master/includes/openid/common.php (last line) and https://github.com/moztw/forum/blob/master/includes/openid/auth.php
Regards, Valentin