It has come to my attention that the WJunction ChatBox is vulnerable to a CSRF attack.
Moderators have been tricked into loading URL's that look like this:
When such links are inserted into "IMG" tags within a post; a moderator will unknowingly ban the user from the ChatBox. In the past few minutes alone, myself and other members of staff have fallen victim to this attack (the links having made us ban ourselves).
This makes it impossible to moderate the ChatBox effectively. It is therefore necessary to disable the ChatBox until further notice.
Thank you.
Moderators have been tricked into loading URL's that look like this:
When such links are inserted into "IMG" tags within a post; a moderator will unknowingly ban the user from the ChatBox. In the past few minutes alone, myself and other members of staff have fallen victim to this attack (the links having made us ban ourselves).
This makes it impossible to moderate the ChatBox effectively. It is therefore necessary to disable the ChatBox until further notice.
Thank you.