Deleting of other people's comments is accessible for anyone who liked the post [To be fixed] | Forum

Ilja Nov 12 '13
Something strange. Users report that in the latest version of Oxwall they are able to delete other members' comments without any permission, if only they have clicked on the "like" button below the post.


This seems to be a critical privacy bug. Are there any hotfixes?


The screenshot shows the appearance of the "delete comment" button for a user other than the author.

The Forum post is edited by Alia Nov 13 '13
Attachments:
  886-cut_inettools.net_130928210729.png (136.63Kb)
fbkca Nov 12 '13
Wow, that is huge!


I've reproduced this. It seems that since they liked the activity, it now thinks they are the owner, but that is not true. I think the way in which the newsfeed works to display current activity is at fault, which others have expressed concerns about.


Oxwall, please address ASAP with a workaround published here.


Thanks!

The Forum post is edited by fbkca Nov 12 '13
Alia Team
Alia Nov 12 '13
Thanks for the report, guys. Passed to the development team.
fbkca Nov 22 '13
Is there a workaround for this we can implement? 


Thanks

Alia Team
Alia Nov 25 '13
No workaround for this one yet.
If the fix is an easy one, I will post it here once the fix is done by our developers.