From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on gnuweeb.org X-Spam-Level: X-Spam-Status: No, score=-1.2 required=5.0 tests=ALL_TRUSTED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF autolearn=ham autolearn_force=no version=3.4.6 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gnuweeb.org; s=default; t=1682222222; bh=MwZM35iM6YZBd4eDnFIp62OLBJl/7WaW4CacG4my434=; h=Date:From:To:Cc:Subject:References:In-Reply-To; b=gssxifUPOTMHrUyj03RJCCc1r/J90tiYEtoVV0xHcp3r92QrJ+WOF8fzCzi2zMHhb nJmLLugLKE7hiFPFodRYJyADDMC4j1TzZQi7lGQ6B8Kl8Hg9Pbe22eu9LXMBd+7JRh h3G9TT0ofaMjGFzRWRE9vLF6FxY3Y66vyJfnvRdGIwi3uY5+R74dlk254NxkpHKRV5 lMw1SNyadsgzxE0HNTMHgDkocGcl0D/oMHDaTraeV4TALBXwwoAi2FQHNTo0x1EVR3 HnJKtqHdVKmHHVCA+4XaZAFiOHhoyI3qXgml9CUpBI0s38ij+rI1z9cJvhzUkd8ll9 5C/kBnuRZJQeQ== Received: from biznet-home.integral.gnuweeb.org (unknown [182.2.68.80]) by gnuweeb.org (Postfix) with ESMTPSA id 2F99324581C; Sun, 23 Apr 2023 10:57:00 +0700 (WIB) Date: Sun, 23 Apr 2023 10:56:57 +0700 From: Ammar Faizi To: Moe Cc: Alviro Iskandar Setiawan , GNU/Weeb Mailing List Subject: Re: CF ticketing system is still vulnerable Message-ID: References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Bpl: hUx9VaHkTWcLO7S8CQCslj6OzqBx2hfLChRz45nPESx5VSB/xuJQVOKOB1zSXE3yc9ntP27bV1M1 List-Id: On Sun, Apr 23, 2023 at 03:48:27AM +0000, Moe wrote: > I think they just don't take this seriously. > > They always say that they have fixed known bugs without confirming it > first :v Yeah, that's what I hate about KiosTix. They don't seem to be competent in addressing security report. We don't even see any mitigation or immediate hot patch to address the vuln. -- Ammar Faizi