×
Kunena 5.1.14 Released - Security release (13 Aug 2019)

The Kunena team is proud to announce the arrival of Kunena 5.1.14 [K5.1.14] which is now available for download as a native Joomla extension for Joomla 3.9.x. This version addresses most of the issues that were discovered in K 5.1 and issues discovered during the development stages of K 5.1.14. This update fixed 1 security issue.

Question issue: Max Links in message not count some link correctly

More
2 weeks 1 day ago #1 by b92
Links are not count in some cases.
Even when setting 'Max Links in message' = 0, link into html code are not count and allows to post spam.

For example :
<a href=https://test.com/>non stopped spam</a> new spam
or
<a href=https://test.com/>non stopped spam 2</a> new spam 2

Can be posted event when 'Max Links in message' = 0

Please Log in or Create an account to join the conversation.

More
2 weeks 1 day ago #2 by rich
Please create a configuration report: docs.kunena.org/en/faq/configuration-report
I can't reproduce this error. Kunena uses BBCodes not html codes.

Please Log in or Create an account to join the conversation.

More
2 weeks 1 day ago - 2 weeks 1 day ago #3 by b92
This message contains confidential information

Database collation check: ✔ The collation of your table fields are correct

Joomla! SEF: Enabled | Joomla! SEF rewrite: Enabled | FTP layer: Disabled |

This message contains confidential information
htaccess: Exists | PHP environment: Max execution time: 300 seconds | Max execution memory: 512M | Max file upload: 128M

Kunena menu details:

Warning: Spoiler! [ Click to expand ]

Joomla default template details : ja_elastica | author: JoomlArt.com | version: 2.5.7 | creationdate: Nov 02, 2017

Kunena default template details : Crypsis | author: Kunena Team | version: 5.1.14 | creationdate: 2019-08-13

Kunena template params:

Warning: Spoiler! [ Click to expand ]

Kunena version detailed: Kunena 5.1.14 | 2019-08-13 [ Nix ]
| Kunena detailed configuration:

Warning: Spoiler! [ Click to expand ]
| Kunena integration settings:
Warning: Spoiler! [ Click to expand ]
| Joomla! detailed language files installed:
Warning: Spoiler! [ Click to expand ]

Third-party components: None

Third-party SEF components: None

Plugins: Search - Kunena Search 5.1.1

Modules: Kunena Latest 5.1.1


The issue is not where using bbcode, but when the 'spammer' is using directly html inluding link.
Last edit: 2 weeks 1 day ago by b92. Reason: info...

Please Log in or Create an account to join the conversation.

More
2 weeks 7 hours ago #4 by rich
It's not possible to add working links with html codes. See here: <a href=https://www.kunena.org/>Kunena</a>
But maybe I did not understand your problem correctly.

Please Log in or Create an account to join the conversation.

More
2 weeks 7 hours ago #5 by b92
Yes, I know it's non working link (for click) for the final user, but it's spam content with link (even if not working).

Please Log in or Create an account to join the conversation.

More
2 weeks 5 hours ago #6 by rich
In this case are the links not the general problem, but the spam users. The registration is handled by Joomla, and when you allow to register, you can never prevent, that spam users register in your page.
It can be helpfull, if you set in the configuration (tab security) Moderate New Users = 1. Then must a moderator approve the first message. Is it spam and a moderator not approve this message, so can this user also not publish his next message.
The problem in this case is only, a Mod or Admin must for all new users approve the first message.

Please Log in or Create an account to join the conversation.

  • Not Allowed: to create new topic.
  • Not Allowed: to reply.
  • Not Allowed: to edit your message.
Time to create page: 0.099 seconds