Opened 12 years ago
Closed 12 years ago
#4888 closed defect (bug) (no action required)
Security Risk: Insecurity of private groups
Reported by: | douglance | Owned by: | |
---|---|---|---|
Milestone: | Priority: | normal | |
Severity: | critical | Version: | 1.7 |
Component: | Groups | Keywords: | |
Cc: |
Description
An anonymous person has hacked into my private groups.
The content in these groups is sensitive information.
I need a stronger form of security for my groups.
BP should notify users that private groups are not, in fact, private.
Also, if you can please alert me to known hacks and solutions for those hacks. It is greatly appreciated.
Change History (1)
Note: See
TracTickets for help on using
tickets.
There are no known vulnerabilities in BuddyPress.
If you've experienced a problem where someone has gained access to a password or otherwise gotten means to enter your system, then that's not a BP bug. Please head over to http://buddypress.org/support and post specific details about the nature of the problem and someone there may be able to help you.
If it turns out that you have identified an actual, reproducible BP bug, please reopen this ticket with all the details relevant for the developers to troubleshoot.