Kunena 6.2.5 & module Kunena Latest 6.0.7 released

The Kunena team has announce the arrival of Kunena 6.2.5 [K 6.2.5] which is now available for download as a native Joomla extension for J! 4.3.x/4.4.x/5.0.x. This version addresses most of the issues that were discovered in K 6.1 / K 6.2 and issues discovered during the last development stages of K 6.2

Question Users logged into other users accounts

More
4 years 8 months ago #1 by xreliable
I read through the forum and see this has been an issue in the past but don't see any resolutions. This is a really disturbing situation. I've gotten multiple reports of users being logged into other users accounts and even posting as the other user. I updated to the latest kunena and still getting these reports.

This message contains confidential information

Database collation check: ✔ The collation of your table fields are correct

Joomla! SEF: Enabled | Joomla! SEF rewrite: Enabled | FTP layer: Disabled |

This message contains confidential information
htaccess: Exists | PHP environment: Max execution time: 90 seconds | Max execution memory: 512M | Max file upload: 270M

Kunena menu details:

Warning: Spoiler!

Joomla default template details : Elegant | author: Stack Ideas Sdn Bhd | version: 3.0.1 | creationdate: 13th July 2015

Kunena default template details : Blue Eagle5 | author: Kunena Team | version: 1.5.2 | creationdate: 2018-12-11

Kunena template params:

Warning: Spoiler!

Kunena version detailed: Kunena 5.1.13 | 2019-07-21 [ Mimas ]
| Kunena detailed configuration:

Warning: Spoiler!
| Kunena integration settings:
Warning: Spoiler!
| Joomla! detailed language files installed:
Warning: Spoiler!

Third-party components: None

Third-party SEF components: None

Plugins: None

Modules: None

Please Log in or Create an account to join the conversation.

More
4 years 8 months ago #2 by xreliable
any help here?

Please Log in or Create an account to join the conversation.

More
4 years 8 months ago #3 by xreliable
I updated to the 13.1 patch this morning will this address the potential culprit? Please give me some guidance here. This is a very serious problem and I will need to switch to another option if I cannot get it resolved very soon.

Please Log in or Create an account to join the conversation.

More
4 years 8 months ago #4 by rich
When did you do this upgrade and which version was used before?

Please Log in or Create an account to join the conversation.

More
4 years 8 months ago #5 by xreliable

rich wrote: When did you do this upgrade and which version was used before?


I did the first update from the joomla admin >Extensions>Manage>Update on the 22nd of July which was .13, Before that it was the latest kunena 12.*

then did the 13.1 patch a couple of days later via same method. I got another report from a user about the same problem a few hours after doing the 13.1 patch. He said it happened using an iphone if that makes any difference.

Please Log in or Create an account to join the conversation.

More
4 years 7 months ago #6 by xillibit
Hello,

The login part is handled by Joomla!, i need to check if something has changed in Joomla!

I don't provide support by PM, because this can be useful for someone else.

Please Log in or Create an account to join the conversation.

More
4 years 7 months ago #7 by xreliable
still happening on my site. I'm pretty nervous about this. Seems like a MAJOR security problem.

Please Log in or Create an account to join the conversation.

More
4 years 7 months ago #8 by xreliable
still happening. there are no permissions problems. I have no old or outdated components or plugins. Everything is up to date. I have purged the users sessions multiple times as well as caches. I ran database tools on the tables. Every user who reported this was using kunena. The last report was a few minutes ago. Is there anything else that I can check?

Please Log in or Create an account to join the conversation.

More
4 years 7 months ago #9 by xreliable
still happening

Please Log in or Create an account to join the conversation.

More
4 years 7 months ago #10 by YourFavoriteSpamBot
Could you provide some technical details or more information of any sort?

If this is a general issue, that would be a huge security risk and might force me to temporarily take a site down...

Please Log in or Create an account to join the conversation.

Time to create page: 1.523 seconds