Jump to content


Photo

Possible security issue on this forum


  • Please log in to reply
1 reply to this topic

#1 Igor Savkic

Igor Savkic
  • Members
  • 159 posts

Posted 17 March 2017 - 07:27 AM

I'm using Firefox and each time I visit this forum I'm prompted to enter credentials for accessing virteq.com site (see attachment).

 

I see it's being used as some skinning solution so it's not essential, I think it should be removed since their site could be compromised (this authentication prompt is not normal behaviour).

Attached Files



#2 warleyalex

warleyalex
  • Members
  • 415 posts

Posted 18 March 2017 - 12:26 AM

this script http://forums.smartm...etin/ips.mcr.js

inject some ofending HTML code into the DIV 'mcr-root-container'

<h3>Skin By Virteq</h3>
<div class='ipsBox_container ipsPad'>
  <div style='display: inline-block; margin-left: 2em; margin-right: 10px; vertical-align: top'>
<a href='http://virteq.com/'>
 <img style='height: 80px; width: 80px;' src='http://virteq.com/profile_picture.png' />
</a>
  </div>
  <div style='display: inline-block; margin-left: 2em'>We at 
  <strong>
<a href='http://virteq.com/'>Virteq</a>
  </strong> Would like to thank you for purchasing our product.
  <br />It&#39;s because of you we&#39;re able to continue making awesome skins.
  <br />Best Regards,
  <br />
  <br />Virteq LLC</div>
</div>

When the code is injected, there is a reference to a protected resource "http://virteq.com/profile_picture.png"they probably protect this resource, and asking the basic authentication. chrome will ignore but FF will ask the credentials to load this image. 

 

Injecting code is very suspicious, could redirect a user to specific place and steal some data. This is an ofending code for me.

 

 

 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

IPB Skin By Virteq