Post
Topic
Board Gambling
Re: DaDice.com - Next Generation Social Gambling Dice Experience
by
dadice_dev
on 06/06/2015, 07:31:02 UTC
Well I did say exactly the same thing:

Anyway, all this happened this time because our socket script didn't sanitize some data (background variables, exploited from console) which was sent along with chat messages or other online/offline commands.

The chat/sockets script only sanitized the user-submitted data, not the data coming from JS. This was the actual exploit :) Necessary actions were taken and this is now fixed. If you have anything further to report, you can do so like others have done before: contact our support and expect a bounty reward.
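The class of bug described in the post, as an added example that is not part of the original post and not DaDice's code: a handler that escapes only the typed chat text, next to one that treats every field of the incoming socket message as untrusted. The message shape and the field names (`text`, `username`, `color`, `room`, `isAdmin`) are assumptions made for illustration.

```javascript
// Added illustration; field names and limits are assumptions, not the site's real protocol.
const ALLOWED_ROOMS = new Set(["main", "help"]);
const COLOR_RE = /^#[0-9a-f]{6}$/i;
const MAX_TEXT = 500;

function escapeHtml(s) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(s).replace(/[&<>"']/g, (c) => map[c]);
}

// Weak form: only the field the user types into is escaped. Everything the
// client-side script attaches in the background is relayed as received.
function buildBroadcastWeak(msg) {
  return { ...msg, text: escapeHtml(msg.text) };
}

// Hardened form: the output is rebuilt from an explicit allowlist of fields,
// each one type-checked, and identity comes from the server-side session.
function buildBroadcast(session, msg) {
  if (msg === null || typeof msg !== "object" || Array.isArray(msg)) return null;
  if (typeof msg.text !== "string") return null;
  if (msg.text.length === 0 || msg.text.length > MAX_TEXT) return null;

  const room = typeof msg.room === "string" && ALLOWED_ROOMS.has(msg.room)
    ? msg.room : "main";
  const color = typeof msg.color === "string" && COLOR_RE.test(msg.color)
    ? msg.color : "#000000";

  return {
    username: escapeHtml(session.username), // never taken from msg
    room,
    color,
    text: escapeHtml(msg.text),
  };
}

// Constructed sample: a message whose background fields were edited from the console.
const SAMPLE_SESSION = { username: "alice" };
const SAMPLE_MSG = {
  text: "hi <b>there</b>",
  username: "<b>admin</b>",
  color: "red' onmouseover='x",
  room: "vip",
  isAdmin: true,
};
```

Output escaping at render time is still needed on the client; the server-side rebuild ensures that fields the user never typed cannot carry arbitrary values to other clients.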