Message Monitor Console exploit.

fix pls
Locked
User avatar
mullvad
Registered user
Posts: 63
Joined: 12 Dec 2016, 06:40
Byond: mullvad

Message Monitor Console exploit.

Post by mullvad » 20 Dec 2016, 13:42

Bug Description:

The Message Monitor Console contains one exploit caused by improper state validation.
A user is able to call the addtoken or deltoken href to add text to the spamfilter without having to authenticate first.

Locked