ios-personmd-notifications md-help-circle

Profile

  • Guest
    medal 0
  • Posts: 21
  • Post Likes: 3765

Notifications

  • No Unread Notifications

Forum
Images disabled temporarily on the forum

warning
This thread is closed. Threads older than 6 weeks are closed automatically. To continue this discussion, create a new thread.
angle-double-left ios-arrow-back 1 2 ios-arrow-forward angle-double-right
md-lock This topic has been closed by the moderator
medal 5542 Community Manager
4 years 164 days ago
Hello managers,

In order to improve the forum experience and safety for all the players we’re going to disable the images on the topics for a short period of time.
md-quotelink
medal 5000
4 years 164 days ago
i hope it really is temporarily as this has totally destroyed my league's forum thread. 
md-quotelink
medal 5549 CEO & CTO
4 years 164 days ago
Hi William, we identified a potential security issue with what could be embedded via the image tag, so we're going to patch that before putting it live again.

Thanks for your patience and understanding.
md-quotelink
medal 5008
4 years 164 days ago
Jack
Hi William, we identified a potential security issue with what could be embedded via the image tag, so we're going to patch that before putting it live again.

Thanks for your patience and understanding.

(How) Has this been noticed before, and was it the 'thread raid' just previous that alerted you to it?


md-quotelink
medal 5549 CEO & CTO
4 years 164 days ago
I don't know what the 'thread raid' is a reference to, but the moving of many forum threads recently was related to it, if that's what you mean. A group of individuals were able to move threads around the forum for a short time. We've since restored all threads to their correct forums and are in the process of putting in prevention measures so that it won't be possible in future.
md-quotelink
medal 5000
4 years 163 days ago

Jack
I don't know what the 'thread raid' is a reference to, but the moving of many forum threads recently was related to it, if that's what you mean. A group of individuals were able to move threads around the forum for a short time. We've since restored all threads to their correct forums and are in the process of putting in prevention measures so that it won't be possible in future.



Jose was really the bad one! I knew it was a bad moderator or bad person of some kind, he only said it was a bug, but the bug was the entrance for the bad guys! Glad you are patching it.
md-quotelink
medal 5000
4 years 163 days ago
I am curious: was the  potential security issue a CSRF one?
md-quotelink
medal 5542 Community Manager
4 years 163 days ago

CenSy

Jack
I don't know what the 'thread raid' is a reference to, but the moving of many forum threads recently was related to it, if that's what you mean. A group of individuals were able to move threads around the forum for a short time. We've since restored all threads to their correct forums and are in the process of putting in prevention measures so that it won't be possible in future.



Jose was really the bad one! I knew it was a bad moderator or bad person of some kind, he only said it was a bug, but the bug was the entrance for the bad guys! Glad you are patching it.


Hello,


Thanks for your feedback. My account was compromised during the attack. That’s why the move of the topics were performed from my account and with my name.
md-quotelink
medal 5000
4 years 162 days ago
wow unlucky Jose, I hope you've made sure to check your accounts on other websites have not been compromised as well, if not I would do so very quickly.
md-quotelink
medal 5542 Community Manager
4 years 162 days ago

Leo
wow unlucky Jose, I hope you've made sure to check your accounts on other websites have not been compromised as well, if not I would do so very quickly.


Hello Leo,


I appreciate a lot your consideration. Password weren't compromised during this issue. Only the session was hijacked.
md-quotelink
medal 5000
4 years 160 days ago
It has been days since it was removed.

How long will it take to put the images back? Actually, has the security threat been fixed or on its way to be fixed?
md-quotelink
medal 5542 Community Manager
4 years 160 days ago
Hello,

The security issue has been fixed. We don’t have an estimated date for the images re-enabling yet.
md-quotelink
medal 5004
4 years 159 days ago

José
Hello,

The security issue has been fixed. We don’t have an estimated date for the images re-enabling yet.

Good evening José, is there any update on a rough time scale? Are we talking a few more days/weeks? 


md-quotelink
medal 5542 Community Manager
4 years 159 days ago
Hello Sam,

Next week we’ll have a fix deployed almost 100% sure. Apologies!
md-quotelink
medal 5004
4 years 159 days ago
That’s great, thanks for confirming ??
md-quotelink
medal 5002
4 years 152 days ago
How close are we to this being reverted?
md-quotelink
medal 5000
4 years 149 days ago
Yes same question, When are you going to re-enable the images on the topics?
md-quotelink
medal 5542 Community Manager
4 years 149 days ago
Hello managers,

Last week we had urgency issues that needed a maximum priority. We keep working on the images re-enabling and security measures but unfortunately I can’t provide an estimated date.
md-quotelink
medal 5000
4 years 149 days ago
Guys why do the reply’s take 10 seconds to get through 
md-quotelink
medal 5000
4 years 148 days ago
When I look at my reply’s from the messages it takes 10 seconds for it to load
md-quotelink
md-lock This topic has been closed by the moderator
angle-double-left ios-arrow-back 1 2 ios-arrow-forward angle-double-right

You must be logged in to post a reply.