ios-personmd-notifications md-help-circle

Profile

  • Guest
    medal 0
  • Posts: 21
  • Post Likes: 3765

Notifications

  • No Unread Notifications

Forums > Global Forums (English) > Announcements

Forum
Images disabled temporarily on the forum

warning
This thread is closed. Threads older than 6 weeks are closed automatically. To continue this discussion, create a new thread.
angle-double-left ios-arrow-back 1 2 ios-arrow-forward angle-double-right
md-lock This topic has been closed by the moderator
José Trujillo medal 5666 Community Manager
4 years 128 days ago
Hello managers,

In order to improve the forum experience and safety for all the players we’re going to disable the images on the topics for a short period of time.
md-quotelink
William Robert medal 5000
4 years 128 days ago
i hope it really is temporarily as this has totally destroyed my league's forum thread. 
md-quotelink
Jack Basford medal 5302 CEO & CTO
4 years 128 days ago
Hi William, we identified a potential security issue with what could be embedded via the image tag, so we're going to patch that before putting it live again.

Thanks for your patience and understanding.
md-quotelink
Rhys James medal 5015
4 years 128 days ago
Jack
Hi William, we identified a potential security issue with what could be embedded via the image tag, so we're going to patch that before putting it live again.

Thanks for your patience and understanding.

(How) Has this been noticed before, and was it the 'thread raid' just previous that alerted you to it?


md-quotelink
Jack Basford medal 5302 CEO & CTO
4 years 127 days ago
I don't know what the 'thread raid' is a reference to, but the moving of many forum threads recently was related to it, if that's what you mean. A group of individuals were able to move threads around the forum for a short time. We've since restored all threads to their correct forums and are in the process of putting in prevention measures so that it won't be possible in future.
md-quotelink
CenSy Tan medal 5000
4 years 127 days ago

Jack
I don't know what the 'thread raid' is a reference to, but the moving of many forum threads recently was related to it, if that's what you mean. A group of individuals were able to move threads around the forum for a short time. We've since restored all threads to their correct forums and are in the process of putting in prevention measures so that it won't be possible in future.



Jose was really the bad one! I knew it was a bad moderator or bad person of some kind, he only said it was a bug, but the bug was the entrance for the bad guys! Glad you are patching it.
md-quotelink
Cole Trickle medal 5000
4 years 127 days ago
I am curious: was the  potential security issue a CSRF one?
md-quotelink
José Trujillo medal 5666 Community Manager
4 years 127 days ago

CenSy

Jack
I don't know what the 'thread raid' is a reference to, but the moving of many forum threads recently was related to it, if that's what you mean. A group of individuals were able to move threads around the forum for a short time. We've since restored all threads to their correct forums and are in the process of putting in prevention measures so that it won't be possible in future.



Jose was really the bad one! I knew it was a bad moderator or bad person of some kind, he only said it was a bug, but the bug was the entrance for the bad guys! Glad you are patching it.


Hello,


Thanks for your feedback. My account was compromised during the attack. That’s why the move of the topics were performed from my account and with my name.
md-quotelink
Leo Yeo medal 5000
4 years 126 days ago
wow unlucky Jose, I hope you've made sure to check your accounts on other websites have not been compromised as well, if not I would do so very quickly.
md-quotelink
José Trujillo medal 5666 Community Manager
4 years 126 days ago

Leo
wow unlucky Jose, I hope you've made sure to check your accounts on other websites have not been compromised as well, if not I would do so very quickly.


Hello Leo,


I appreciate a lot your consideration. Password weren't compromised during this issue. Only the session was hijacked.
md-quotelink
CenSy Tan medal 5000
4 years 124 days ago
It has been days since it was removed.

How long will it take to put the images back? Actually, has the security threat been fixed or on its way to be fixed?
md-quotelink
José Trujillo medal 5666 Community Manager
4 years 124 days ago
Hello,

The security issue has been fixed. We don’t have an estimated date for the images re-enabling yet.
md-quotelink
Sam Martin medal 5007
4 years 123 days ago

José
Hello,

The security issue has been fixed. We don’t have an estimated date for the images re-enabling yet.

Good evening José, is there any update on a rough time scale? Are we talking a few more days/weeks? 


md-quotelink
José Trujillo medal 5666 Community Manager
4 years 123 days ago
Hello Sam,

Next week we’ll have a fix deployed almost 100% sure. Apologies!
md-quotelink
Sam Martin medal 5007
4 years 123 days ago
That’s great, thanks for confirming ??
md-quotelink
Leo Yeo medal 5004
4 years 116 days ago
How close are we to this being reverted?
md-quotelink
Leo Hackins medal 5000
4 years 113 days ago
Yes same question, When are you going to re-enable the images on the topics?
md-quotelink
José Trujillo medal 5666 Community Manager
4 years 113 days ago
Hello managers,

Last week we had urgency issues that needed a maximum priority. We keep working on the images re-enabling and security measures but unfortunately I can’t provide an estimated date.
md-quotelink
Bob TY medal 5000
4 years 113 days ago
Guys why do the reply’s take 10 seconds to get through 
md-quotelink
Bob TY medal 5000
4 years 112 days ago
When I look at my reply’s from the messages it takes 10 seconds for it to load
md-quotelink
md-lock This topic has been closed by the moderator
angle-double-left ios-arrow-back 1 2 ios-arrow-forward angle-double-right

You must be logged in to post a reply.