Possible security issue on this forum


3 replies to this topic

#1 Igor Savkic

  • Members
  • 188 posts

Posted 17 March 2017 - 07:27 AM

I'm using Firefox and each time I visit this forum I'm prompted to enter credentials for accessing the virteq.com site (see attachment).

I see it's being used as some skinning solution so it's not essential. I think it should be removed since their site could be compromised (this authentication prompt is not normal behaviour).




#2 Laksekjønn

  • Members
  • 455 posts

Posted 18 March 2017 - 12:26 AM

This script http://forums.smartm...etin/ips.mcr.js injects some offending HTML code into the DIV 'mcr-root-container':

<h3>Skin By Virteq</h3>
<div class='ipsBox_container ipsPad'>
  <div style='display: inline-block; margin-left: 2em; margin-right: 10px; vertical-align: top'>
    <a href='http://virteq.com/'>
      <img style='height: 80px; width: 80px;' src='http://virteq.com/profile_picture.png' />
    </a>
  </div>
  <div style='display: inline-block; margin-left: 2em'>We at
    <strong>
      <a href='http://virteq.com/'>Virteq</a>
    </strong> Would like to thank you for purchasing our product.
    <br />It&#39;s because of you we&#39;re able to continue making awesome skins.
    <br />Best Regards,
    <br />
    <br />Virteq LLC</div>
</div>

When the code is injected, there is a reference to a protected resource, "http://virteq.com/profile_picture.png". They probably protect this resource and ask for basic authentication. Chrome will ignore it, but FF will ask for the credentials to load this image.

Injecting code is very suspicious; it could redirect a user to a specific place and steal some data. This is offending code for me.
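
An added example, not part of the thread or the forum's own code: a small audit of an HTML fragment that lists resources the browser fetches automatically from another host, the kind of reference behind the Firefox prompt described in post #2 (a plain link such as `<a href>` is not fetched until clicked, so it is not reported). It generalizes beyond `<img>` to other auto-loaded tags; the page URL `http://forum.example/index.php` and the second `<img>` in the sample are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Attributes the browser fetches automatically while rendering (no click needed).
AUTO_LOADED = {("img", "src"), ("script", "src"), ("iframe", "src"),
               ("link", "href"), ("video", "src"), ("audio", "src"),
               ("source", "src"), ("embed", "src"), ("object", "data")}


class SubresourceAudit(HTMLParser):
    """Collect auto-loaded resources whose host differs from the page's host."""

    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.page_host = urlsplit(page_url).hostname
        self.findings = []

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if (tag, name) not in AUTO_LOADED or not value:
                continue
            url = urljoin(self.page_url, value.strip())
            parts = urlsplit(url)
            if parts.scheme not in ("http", "https"):
                continue  # data:, about: and similar make no network request
            if parts.hostname != self.page_host:
                self.findings.append(
                    {"tag": tag, "url": url, "cleartext": parts.scheme == "http"})


def audit(fragment, page_url):
    parser = SubresourceAudit(page_url)
    parser.feed(fragment)
    parser.close()
    return parser.findings


# Fragment shortened from the post above; the last <img> is constructed (same-origin).
FRAGMENT = """<div class='ipsBox_container ipsPad'>
<a href='http://virteq.com/'>
 <img style='height: 80px; width: 80px;' src='http://virteq.com/profile_picture.png' />
</a>
<img src='/public/style_images/logo.png' />
</div>"""

if __name__ == "__main__":
    # Placeholder forum URL (assumption); prints one finding, the virteq.com image.
    for finding in audit(FRAGMENT, "http://forum.example/index.php"):
        print(finding)
```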

 

 

 



#3 Jørn E. Angeltveit

  • Administrators
  • 299 posts
  • Location: Norway

Posted 05 July 2017 - 12:46 PM

FYI:

As you see in the footer of the Forum, Virteq is simply the provider of the IPB Skin template we used for the site.

We are looking into the issue, but the job requires a bit more work than first anticipated. We need to update the whole board to v4, as v3.x is no longer supported.



#4 Jørn E. Angeltveit

  • Administrators
  • 299 posts
  • Location: Norway

Posted 05 July 2017 - 01:27 PM

The issue is fixed now.
  • Nico Wouterse and Ñuño Martínez like this



