+1-888-365-2779
Try Now
More in this section

Forums / General Discussions / Bug in forum post - possible DOS attack vector

Bug in forum post - possible DOS attack vector

10 posts, 1 answered
  1. Jaime Weise
    Jaime Weise avatar
    120 posts
    Registered:
    02 Nov 2008
    25 Apr 2012
    Link to this post
    Bugs Bugs Bugs
    Notice that this link doesn't work any more. There is a bug in the forum that allows a user to post invalid markup that breaks the post so it can never be viewed again. I didn't do this on purpose and wasn't able to reproduce this dos attack. 

    It is a little bit annoying because I was trying to follow the instructions in this now broken forum post. 

    http://www.sitefinity.com/server-error.aspx?aspxerrorpath=/devnet/forums/preview-thread/sitefinity-4-x/general-discussions/content-widgets---filtering-by-custom-field-of-type-classification.aspx 
  2. Jaime Weise
    Jaime Weise avatar
    120 posts
    Registered:
    02 Nov 2008
    26 Jun 2012
    Link to this post

  3. Steve
    Steve avatar
    3037 posts
    Registered:
    03 Dec 2008
    Answered
  4. Jaime Weise
    Jaime Weise avatar
    120 posts
    Registered:
    02 Nov 2008
    26 Jun 2012
    Link to this post
    Ok, thanks, I can read some of my old posts again. 
  5. Steve
    Steve avatar
    3037 posts
    Registered:
    03 Dec 2008
    26 Jun 2012
    Link to this post
    ...I've made telerik aware of the problem...no real movement on it

    Perhaps they're just gonna ignore, since they're in the process of migrating to 5?
  6. Georgi
    Georgi avatar
    3583 posts
    Registered:
    28 Oct 2016
    27 Jun 2012
    Link to this post
    Hello,

    This is not a DOS attack vector. We are temporary having redirect issues with some of the old forum posts. We are working on this. As a workaround, I'd suggest you use the Forum search functionality - it should return you the right forum posts' URLs.

    Apologies for the inconvenience, guys.

    Greetings,
    Georgi
    the Telerik team
    Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
  7. Jaime Weise
    Jaime Weise avatar
    120 posts
    Registered:
    02 Nov 2008
    27 Jun 2012
    Link to this post
    If you reply to an old post it updates the link and breaks it, so I would disagree. There are no entry points to executing code on the server but I can still make a few posts difficult to view by making replies to them. 
  8. Georgi
    Georgi avatar
    3583 posts
    Registered:
    28 Oct 2016
    28 Jun 2012
    Link to this post
    Hi Jamie,

    If you reply to an old post it updates the link and breaks it, so I would disagree.  

    Perhaps I am missing something. Could you please clarify where do you see this behavior?

    All the best,
    Georgi
    the Telerik team
    Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
  9. Jaime Weise
    Jaime Weise avatar
    120 posts
    Registered:
    02 Nov 2008
    28 Jun 2012
    Link to this post
    Well, the way I discovered this is by replying to a post that I wrote a long time ago. After I replied I could no longer read the post. I don't know how else I can explain it. 
  10. Georgi
    Georgi avatar
    3583 posts
    Registered:
    28 Oct 2016
    03 Jul 2012
    Link to this post
    Hi Jamie,

    Thanks for the follow up. We'll try to replicate the issue once again. 
    We appreciate your time spent on this case. 

    Kind regards,
    Georgi
    the Telerik team
    Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
10 posts, 1 answered