Shreedhar Ganapathy wrote:
>> actually at
>> http://www.glassfishwiki.org/gfwiki/Wiki.jsp?page=GlassFishTechnologyAreas
>> the Attachments are filled up with html files redirecting to porn stuff
>> is it a hack or a new marketing approach to increase page hits? :)
>>
>> P
>>
> Thanks for pointing this out.
It looks like all of these attachments came from IP 194.186.253.237; we
might need to ban that address going forward (at least from writes), if
possible.
> This looks like a hack work. So a security issue with the
> authentication mechanism. Also I dont see a delete button to get
> attachments out.
According to <
http://jspwiki.org/wiki/BugNoWayToDeleteAnAttachmen> :
You can see "Delete this page" on the Attachment Info page (click More
Info...). Only an admin can delete
attachments on this site. You can also upload new versions of the
attachment there.
Does this apply to the jspwiki version we're using on
glassfishwiki.org? If so, could someone who is an admin try it out (or
make my "woodjr" user an admin and I'll look)?
--Jamey