Quote:
|
Originally Posted by MagicalTux
Kristi, the XSS problem was on the old forums (where Moonie got her password stolen).
Now we're using version 3.0.1 of vBulletin. I tested the XSS you mentionned and this version is not vulnerable to this.
Also the people are getting a hash of the password, and not the password. They can login to the forum with that but they still have no idea of what the password is.
|
*high five*
Well then it's all good (ps: i realized and put an edit)
I didn't know 3.0.1 wasnt vunerable to it, ill have to toy around later and see what I can find in 3.0.1