RSS Feed shows an admin edit link instead of article link
Bug #382260 reported by
Wildrocker92
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| phpns |
Invalid
|
Undecided
|
Unassigned | ||
Bug Description
I was playing around with the rss feed and I found a very dangerous bug.
The title of the article links to the edit page of the post and not to the article page of shownews.php
I attached an image with the feed source code showing the security bug.
Greetings!
Revision history for this message
| Wildrocker92 (wildrocker) wrote | #1 |
Revision history for this message
| alecwh (alecwh) wrote | #2 |
| Changed in phpns: | |
| status: | New → Invalid |
| security vulnerability: | yes → no |
| visibility: | private → public |
Revision history for this message
| Wildrocker92 (wildrocker) wrote | #3 |
To post a comment you must log in.
This is not a bug. If you are logged in to phpns, you will be given a slightly different RSS feed for admins. If you are logged out, or you use the rss feed out of the admin panel, that will not show up.
Comment back if you have questions.