I was informed by a fellow web developer that there is a possible SQL injection vulnerability in csrf_token.
Is anyone else aware of this? It's both the token and 1=1 that is able to be injected.
- 1863
I have a few discussions that are configured in a manner where the most recent comment would be nicer if it was at the top. I have a "Site Updates and Changes" thread that you have to scroll all the way to bottom of to see the most recent update.
Is there any way to change the order of the comments?
If there is another way i should be using this module, please share.
- 1881
I am looking for some assistance with the default "entity_info" and "entity_info_full" information in the account profiles. It seems the email address, IP address and status are hardcoded information to be presented publicly. Is there a way to hide these values from the profiles other than making the entire account private?
- 1859