(u=3499)and another one (u=32045)
Topic: wasn't there an exploit through avatars? fixed? (Read 1112 times)
I found another one (u=3499)
and another one (u=32045)
(u=3499)and another one (u=32045)
Im trying to set an avatar but im not able to find it anywhere in the options. Do you need to be full member or something?
Yes. 
Im trying to set an avatar but im not able to find it anywhere in the options. Do you need to be full member or something?
Who has their avatar hosted on a non-bitcointalk website? What domain is it hosted on?
as it is seen in the screenshot it is on blogspot and 38659 is the user id.
as i said it is a very old account from 2011 (so probably set it back then) and has been activated recently after 2 years.
This forum previously allowed users to attach avatars through external sources, such as the one that the affected user has.
I'm not sure when, but I expect that this feature was disabled around the time of this post. Therefore, if the user attached his avatar early enough I expect he is allowed to keep it (similar to animated avatars and users below the required activity limits).
I don't think there is any sort of exploit to worry about unless he set his avatar late on, it is likely just an early member using a feature that isn't around anymore.
I'm not sure when, but I expect that this feature was disabled around the time of this post. Therefore, if the user attached his avatar early enough I expect he is allowed to keep it (similar to animated avatars and users below the required activity limits).
I don't think there is any sort of exploit to worry about unless he set his avatar late on, it is likely just an early member using a feature that isn't around anymore.
From 2011 until now isn't 2 years dude
instead of
~ has been activated recently after 2 years.
and then investigate
https://bitcointalksearch.org/topic/--1231822
then say if it is right or wrong.
I also wanted to have an avatar with the live bitcoin price updated every 10 minutes 
but I'm too lazy to keep looking into it to see if I can or not.
but I'm too lazy to keep looking into it to see if I can or not.not a good idea in my opinion
and not possible so you can not.
From 2011 until now isn't 2 years dude, I also wanted to have an avatar with the live bitcoin price updated every 10 minutes but I'm too lazy to keep looking into it to see if I can or not.
but I'm too lazy to keep looking into it to see if I can or not.
Hmmm, it looks like I had to access http://2.bp.blogspot.com/-d0Ippz-2CN0/TWcO_2wZOiI/AAAAAAAAFZA/ZkU-bL3fUAk/s1600/eagle-4.jpg in order to view his profile. I think this could possible leak information about anyone who views his profile or a page that he posted in.
I will message theymos about this.
I will message theymos about this.
Who has their avatar hosted on a non-bitcointalk website? What domain is it hosted on?
as it is seen in the screenshot it is on blogspot and 38659 is the user id.
as i said it is a very old account from 2011 (so probably set it back then) and has been activated recently after 2 years.
Who has their avatar hosted on a non-bitcointalk website? What domain is it hosted on?
i remember back in my registration date 2014 avatars were disabled and remember reading someone exploited something using avatars by injecting a code through them or something like that (memory is hazy!).
the reason i ask this is because i just noticed someone (an account from 2011) has his avatar hosted somewhere else instead of the picture being on bitcointalk!
normally the avatars are here: https://bitcointalk.org/useravatars/avatar_{some number}.png
but someone has it like this:
the reason i ask this is because i just noticed someone (an account from 2011) has his avatar hosted somewhere else instead of the picture being on bitcointalk!
normally the avatars are here: https://bitcointalk.org/useravatars/avatar_{some number}.png
but someone has it like this:
Jump to: