議論 » Greasy Fork镜像 への意見

SQL injection urls on Greasy Fork镜像?

§
投稿日: 2017/11/03

SQL injection urls on Greasy Fork镜像?

Hi,

I just noticed that on my Greasy Fork镜像 profile page, there was added strange prefixs to the urls pointing to my script pages from. Now they have disappeared again, so maybe it is something that comes and goes away again. But at the time of writing you can see something similar on these two profile pages:

https://greasyforks.org/en/users/104201-%E9%BB%84%E7%9B%90
(Every script-link has added "?locale_override=1'A=0'" to it)

https://greasyforks.org/en/users/7036-xinggsf
(Every script-link has added "?locale_override=9'A=0'A=0'A=0" to it)

Has somebody hacked greasyfork.com or is it some kind of innoncent site error?

I have checked in multiple browsers and on two PCs, to make sure it was not my PC or browser. But same behavior.

§
投稿日: 2017/11/03

And above are gone again, but now it's on:

https://greasyforks.org/en/users/47767-%E7%8C%8E%E9%9A%BC%E4%B8%B6%E6%AD%A2%E6%88%88

(?locale_override=9%27A%3D0+HACK+AGARIO+COINS)

§
投稿日: 2017/11/04

Thanks for fix and explanation. Good to hear it was just an innocent bug :-)

返信を投稿

返信を投稿するにはログインしてください

长期地址
遇到问题?请前往 GitHub 提 Issues。