Uploaded image for project: 'phpBB3'
  1. phpBB3
  2. PHPBB3-14241

Security bug into Spambot control Questions

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed (View Workflow)
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 3.1.6
    • Fix Version/s: 3.1.9-RC1
    • Component/s: Other
    • Labels:
      None

      Description

      Spambots can avoid control question.
      phpbb/captcha/plugins/qa.php
      find

         function validate()
         {
            global $config, $db, $user;
       
            $error = '';
            
            if (!sizeof($this->question_ids))
            {
               return false;
            }
      

      Must change to

         function validate()
         {
            global $config;
       
            $error = '';
            
            if (!sizeof($this->question_ids))
            {
               $error = "Wrong question confirmation";
               return $error;
            }
      

        Attachments

          Activity

            People

            Assignee:
            Marc Marc
            Reporter:
            Boris Berdichevski Boris Berdichevski [X] (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: