Invision Community 4: SEO, prepare for v5 and dormant account notifications By Matt Monday at 02:04 PM
Ricsca Posted January 18, 2022 Posted January 18, 2022 Do you see a vulnerability? Through my account 200 emails have been sent and in the web space I have only installed ipb upgraded to the latest version.
Randy Calvert Posted January 18, 2022 Posted January 18, 2022 IPB itself does not have any insecure PHP mail calls. The only situation in which spam can be sent is if you leverage the Contact Us link. Spammers might use the contact us to send spam to administrators. (This is not sending spam to "the public", but instead the email is sent to whomever is specified as to inbound email address.)
Jim M Posted January 18, 2022 Posted January 18, 2022 There are no means for which a user could email out to random users via the software. If you are seeing this, you would want your hosting or email provider to trace the origins of the email. It could be your hosting or email account is compromised. If you are merely getting bounce back reports or similar, it could be someone is attempting to spoof your email address as well. All things your email provider will need to investigate.
Recommended Posts