Bug in forum post - possible DOS attack vector
Bugs Bugs Bugs
Notice that this link doesn't work any more. There is a bug in the forum that allows a user to post invalid markup that breaks the post so it can never be viewed again. I didn't do this on purpose and wasn't able to reproduce this dos attack.
It is a little bit annoying because I was trying to follow the instructions in this now broken forum post.
http://www.sitefinity.com/server-error.aspx?aspxerrorpath=/devnet/forums/preview-thread/sitefinity-4-x/general-discussions/content-widgets---filtering-by-custom-field-of-type-classification.aspx
What I've found is that it's the stupid "-4-x-" in the URL...
http://www.sitefinity.com/devnet/forums/preview-thread/sitefinity/general-discussions/content-widgets---filtering-by-custom-field-of-type-classification.aspx
Ok, thanks, I can read some of my old posts again.
...I've made telerik aware of the problem...no real movement on it
Perhaps they're just gonna ignore, since they're in the process of migrating to 5?
Hello,
This is not a DOS attack vector. We are temporary having redirect issues with some of the old forum posts. We are working on this. As a workaround, I'd suggest you use the Forum search functionality - it should return you the right forum posts' URLs.
Apologies for the inconvenience, guys.
If you reply to an old post it updates the link and breaks it, so I would disagree. There are no entry points to executing code on the server but I can still make a few posts difficult to view by making replies to them.
Hi Jamie,
If you reply to an old post it updates the link and breaks it, so I would disagree.
Perhaps I am missing something. Could you please clarify where do you see this behavior?
Well, the way I discovered this is by replying to a post that I wrote a long time ago. After I replied I could no longer read the post. I don't know how else I can explain it.
Hi Jamie,
Thanks for the follow up. We'll try to replicate the issue once again.
We appreciate your time spent on this case.