Jump to content


Photo

Security holes.


  • Please log in to reply
2 replies to this topic

#1 ParkourGrip

ParkourGrip

    Newbie

  • Members
  • Pip
  • 1 posts

Posted 18 March 2016 - 22:53 PM

The web server is insecure if you type the following message <IFRAME SRC="http://ipchicken.com/"> in the twitch chat everybody that is watching the stream will see the streamers IP address. You can also show large images, play audio and run java script on the streamers PC. The web server website is executing any HTML code that any user sent in a twitch message. Wouldn't trust it as far as i can throw it.

 

 

 



#2 xedoc

xedoc

    Developer

  • Administrators
  • 1,104 posts
  • LocationKiev, Ukraine

Posted 19 March 2016 - 19:24 PM

Hm I thought I'm filtering that out. Will check it - thank you!

BTW you can switch image display in Settings. 



#3 xedoc

xedoc

    Developer

  • Administrators
  • 1,104 posts
  • LocationKiev, Ukraine

Posted 25 March 2016 - 13:53 PM

Fixed.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users