Quick reply or advanced button redirect to PayPal

Cap'n Jack

Cap'n Jack

Final Approach
Joined
Jun 25, 2006
Messages
8,783
Location
Nebraska
Display Name
Display name:
Cap'n Jack
This one's wierd...
  • Do an advanced lookup on the string "Jesse Tristan"
  • Select the thread about Jesse and Tristans bundle of Joy" (about their cat's name
  • Click the quick reply button
  • Get redirected to paypal
I hovered the cursor over one of the buttons- please note the link in the bottom left of the image (it shows where the button or link will redirect).

Edit- just searching out the thread manually, without going through the search option, will also show those buttons redirecting to Paypal.


Highest bidder gets to name the cat?:smile:
Whis is the cat's name now?
 

Attachments

  • jesse.jpg
    jesse.jpg
    183.8 KB · Views: 17
Last edited:
lmfao. Ted broke it. He found...a way...to do something bad.. (completely innocent of course).
 
Last edited:
Well, crap.

The vBulletin permissions setup for signatures on our user groups permitted HTML in signatures. This is *bad* as it allows people to inject javascript, steal sessions, and completely bust pages like Ted did.

I'd like to thank Ted for finding the above problem -- because rather him then someone doing it to be malicious. Essentially he used a <form> tag in his permissions which over-rode the quick reply form.

We're all fixed now :)
 
jesse said:
<SNIP >

I'd like to thank Ted for finding the above problem -- because rather him then someone doing it to be malicious. Essentially he used a <form> tag in his permissions which over-rode the quick reply form.

We're all fixed now :)
Click to expand...

Hey- I helped too!:smile:

All joking aside, thanks for fixing it
 
I know Ted was having problems with his signature last night. But dang I did not think he could screw up the PoA board.

Job Jesse taking care of it.
 
You must log in or register to reply here.
Back
Top