I'm hesitant to post this on a public forum, but I don't know where to contact spiderling directly

#1
I have found a potentially game breaking bug that needs to be fixed before somebody malicious gets to it.
We all know that we can name our creations, right? And do we all know how XSS works? if not, check out this video
THIS WORKS IN BESIEGE'S "NAME CREATION" BOX
if someone clever and malicious enough gets their hans on this, this could be devastating, spiderling. be careful

P.S. i know that posting this in a pubic forum is a bad idea, but this is where you said to contact you spiderling, so if someone breaks the game before you can fix it that's on you.
 

ITR

l̺̤͈̘̰̺͉̳͉̖̝̱̻̠̦͈ͅ֍̫̜̥̭͖̱̟̟͉͙̜̰ͅl̺̤͈̘̰̺͉̳͉̖̝̱̻̠̦͈ͅ
Staff member
#2
There's an e-mail somewhere too :p

I highly doubt that xss injection is possible in the game-client, seeing how it doesn't run anything in the browser. If you mean inside the steam workshop, then that's on steam (though I doubt it, since they've operated for many years now).

If you mean on the forum then that's on xenforo.

Exactly how do you know it works? Do you have a link to a test where it does?
 
Top