It was a good while ago that the forums moved to their current location, and the usernames of the site and the forum where merged. Back then i ran in to a problem and reported a bug in the username merge trough the contact form on the site because i didn't want to, i guess you could say advertise, a potential security flaw.
I got a question as a response to my Ticket: KNG-729038, on Apr 27, 2010, which i answered the same day (i guess incorrectly), clarified it the next day, but no further action was taken by the Support Team representative, Ahmad P.
My problem has not been corrected regardless of the many emails i've sent back since, and i suspect the "vulnerability " still exists also.
What vulnerability you might ask?
This was the username i was posting under back when programmingtalk.com was programmingtalk.com
http://www.hotscripts.com/forums/mem...F%26gt%3B.html
but trying to merge that with my hotscripts account, i was given this account:
http://www.hotscripts.com/forums/mem...lle%3F%3E.html
Now a eagle-eyed viewer might have noticed the problem even before opening this thread and even a novice understands the implications of this. I've patiently been waiting for about nine months for someone to fix this, while trying my best not to use the forum just in case this is actually serious.
Proper escaping of input data was like in every other thread before the merge, yet someone forgot to put it in.
Problem with usernames & the new forum location
Linear Mode
