Bug tracking system not functioning?

[Guest]

I have tried http://bugs.cubecart.com/ and wanted to report some feature requests and (possibly) bug reports. But there is "AUTHORIZATION REQUIRED DUE TO SCRIPT XSS VULNERABILITY".

I have tried my username and password without success.

Is this OK or not?

[Guest estelle]

Its okay - Brooky would have password protected it on purpose. And my username/password doesn't work either, so obviously we're not meant to access the bug tracker right now.

I'm guessing someone lodged a bug report that revealed a security flaw in CubeCart... and so he's locked access to the bug tracker until a patch is ready.

I've been curious about it for a couple of days now... ;)

[Guest sunshine]

me too. i tried the other day and got the same thing. But I know is all over that if it is something. CC is his baby.

[Guest EverythingWeb]

Thanks for the comments people.

Instead of any speculation winding up on the forum, I shall temporarily close this thread, until such a time that Brooky can respond.

(Those with Bug Reports to send in, please hold them in your thoughts, until the Bug Tracker is fully back online, as this will help everybody.)

Thank You.

[Al Brookbanks]

Hello folks. Firsly dont panic all is ok. The software used for bug reporting "Flyspray" has an XSS vulnerability which hasn't been fixed by the author yet. CubeCart doesn't have any known XSS vulnerabilities at this time.

I'll open that site again as soon as it has been patched.

Currently it will remain closed to protect this server and all the data on it.

[Guest EverythingWeb]

Hello,

Please find that the BUGS system is back online now, and available for the usual purposes.

Thanks for the understanding, patience and co-operation.

Kindest Regards,

William Renfrew

[Guest estelle]

Apologies for my speculation

Estelle.

[markscarts]

Bummer (for me) is that when it was fixed, I was no longer able to reach the forum - until I bypassed my proxy server. In my setup here, bypassing proxy slows page loading down

But on the bright side, the CC site is up - for awhile when I couldn't reach it, I thought it was broken, offline, fried :wacko:

[Al Brookbanks]

Yup its back (although looks a bit different) and the server is being upgraded to have a 100MBPS port today to cope with the rising traffic.

If anyone has any ideas on how to use 1.5 terrabytes a month give us a shout!! :dizzy:

[Guest]

I see some phperrors on the bug sute while I was registering:

Notice: Undefined variable: register_text in /path/to/bugs/scripts/modify.php on line 607

Notice: Undefined index: project_title in /path/to/bugs/scripts/modify.php on line 607

Notice: Undefined index: flyspray_userid in /path/to/bugs/includes/notify.inc.php on line 264

[Al Brookbanks]

Thanks for this. I've truned error reporting off.

p.s. I had to edit your post for security reasons.