Important: when posting, please provide your Club Number at a minimum, and as many details as possible.
For further info, please read This page before posting.

Security related - login as another user

  • JRamp
  • JRamp's Avatar Topic Author
  • Offline
  • New Member
  • New Member
  • Posts: 1
  • Thanks: 0

Security related - login as another user

11 years 1 week ago
#49312
Hello,
I've tested this in Chrome and replicated the behavior after seeing this happen initially. For security reasons I don't want to share publicly the entire vulnerability and steps to confirm - but would gladly discuss privately with support members.

The general idea is that after performing a couple steps as target user A , User B logs in and the website shows Users A name and Credentials as the person who has logged in. As User A , I can sign up for roles and edit A's profile, send out Agendas.

Let me know how to proceed.
Club#: 01766106
Club Address: 1766106.toastmastersclubs.org/
The topic has been locked.
  • RogerM
  • RogerM's Avatar
  • FreeToastHost Ambassador
  • FreeToastHost Ambassador
  • Thanks: 0

Re: Security related - login as another user

11 years 22 hours ago
#49442
Fellow Ambassadors,

I've got this one. I have contacted the member via Private Message.
The topic has been locked.
  • RogerM
  • RogerM's Avatar
  • FreeToastHost Ambassador
  • FreeToastHost Ambassador
  • Thanks: 0

Re: Security related - login as another user

11 years 14 hours ago
#49460
I think we found the problem.
The topic has been locked.
Moderators: BrianHeniPamrhtaylor3marc33NotLiableNSBjgavinLcala305peterb323DebbieT
Time to create page: 0.141 seconds

Latest Forum Posts

Copyright © 2025 FreeToastHost 3 Support. All Rights Reserved.