Vulnerability: Comment posting by Guest
|Reported by:||igisev||Owned by:|
|Component:||Comments||Keywords:||comment posting guest|
If on "Discussion Settings" console page
"Users must be registered and logged in to comment" - is checked
then any visitor can leave comments on a site.
But if guest knows Email and/or "display name" of any registered user he can leave the comment as though it was this user!
Admin Email is 'admin[at]myblog.com'. Admin display name is 'Administrator'.
Guest fill out comment form with:
and press the "Submit Comment" button
Full size image: http://img838.imageshack.us/img838/3365/63231804.gif
As a result the comment of the visitor and the comment of the Administrator look absolutely equally! =/
Full size image: http://img193.imageshack.us/img193/274/41043977.gif
What you can say about this? =(