Welcome to Inkbunny...
Allowed ratings
To view member-only content, create an account. ( Hide )
Inkbunny

Security issue fixed

An XSS security vulnerability was discovered and fixed today. The site was offline for about 1 hour while we worked on the issue.

We do not see any evidence of any account having been compromised by this security bug, but if anyone notices any strange activity on their account, please let us know asap.

Although it appears only a single moderator account was targeted by an attack using the exploit, all users have been forced to log in again. Anyone having trouble logging in should contact us at admin@inkbunny.net

Thankfully the use of this exploit was stopped by the various other security layers we have in place, and no attacks using the exploit have succeeded as far as we know.

Thanks!

IB
Viewed: 118 times
Added: 5 years, 4 months ago
 
NinkT
5 years, 4 months ago
good to know.  Keep up the good work guys!
Rhumba
5 years, 4 months ago
Is this a first time an attack against the site has ever come close to succeeding in some way? In the three years I've been here I can't recall any other mentions of any security bugs being exploited.
GreenReaper
5 years, 4 months ago
It's the only time I'm aware of that we didn't find out through responsible disclosure.

My favourite was the one I found which let you change other people's site background. :-D
Rhumba
5 years, 4 months ago
I just remembered the clown nose thing, but that was more of a moderators only deal.
GreenReaper
5 years, 4 months ago
That's a feature! Moderators can set profile pics in case there is a violation of our guidelines.
Reizinho
5 years, 4 months ago
Interesting fact.
GreenReaper
5 years, 4 months ago
We can also just remove them. Came in useful for that purpose a few days ago

Mods have more power than the name implies. Fortunately, we're few in number!
Reizinho
5 years, 4 months ago
" GreenReaper wrote:
Came in useful for that purpose a few days ago!

*is curious*
GreenReaper
5 years, 4 months ago
Oh? Do you know how to keep a secret?

. . . well, so do we. :-)
starling
5 years, 4 months ago
Haha xD
catprowler
5 years, 4 months ago
And it helps to be a tease as well.
DraculJOSHI
5 years, 4 months ago
And not as megalomaniac as some other... people?
GreenReaper
5 years, 4 months ago
Well, it's not an overestimation of power if you really have it! ;-) Besides, as Bertrand Russell said:
" To this type belong many lunatics and most of the great men of history.
The key is being the latter rather than the former.

I think what you're getting at is narcissism - the preoccupation with gaining power and prestige to inflate your own self-worth. It's true: those eager to grasp and use power are often not the best people to have it. Better to give it to someone who will see it as the burden it is.
InannaWDraco
5 years, 4 months ago
I was wondering why I had to sign in again since I didn't log out earlier.  Now I know.  :)
Shokuji
5 years, 4 months ago
Thanks for your hard work, guys. =3
ButtercupSaiyan
5 years, 4 months ago
Still better than FurAffinity.
Lamia
5 years, 4 months ago
" insert 'THIS' image
ButtercupSaiyan
5 years, 4 months ago
The Konami code where you replace "Down" with "FA"?
Charliemon
5 years, 4 months ago
glad its all sorted :)
Catwheezle
5 years, 4 months ago
Thank you once again for watching out for us. I know no other sites on the net which take the safety and privacy of their users as seriously. Not even places like BoingBoing, which harp on about the importance of privacy and encryption. You kick ass on so many levels.
New Comment:
Move reply box to top
Log in or create an account to comment.