Skip to main content

Questions tagged [security]

Ask Question

For posts about security issues centered around Stack Overflow. If you think you found a serious security vulnerability, please report it on the Security page found at https://stackexchange.com/about/security. Do not post such reports on Meta!

82 questions
Newest Active Unanswered Frequent
Filter by
Sorted by
Tagged with
22 votes
1 answer
313 views

Any user can accept answers on questions with deleted authors

It's possible for any user to accept answers on behalf of a deleted user. I just did so to this post, marking my own answer as accepted. This isn't possible through the UI, you need to send the HTTP ...
Trump Voters Deserve Damnation's user avatar
Trump Voters Deserve Damnation
  • 130k
9 votes
1 answer
516 views

How to turn on two-step verification on Stack Overflow [duplicate]

I just joined Stack Overflow and I want to enable two-factor authentication, but I couldn't find it. Can you please tell me how to enable it? I couldn't find the security tab in the settings; I looked ...
Mehmet Talha UZ's user avatar
Mehmet Talha UZ
  • 1
7 votes
1 answer
209 views

Is it possible to associate my Stack Overflow account with more than one Google Login?

The company where I work does monitor everything we do by intercepting all HTTPS using proxy. I do not trust them and moreover I suspect them to monitor all of our activities. So I prefer to not use ...
Eric Ouellet's user avatar
Eric Ouellet
  • 11.8k
27 votes
0 answers
318 views

Adding Security log option for seeing login activites

Recently I was logged out of my SO account automatically. This happened 2 times in 2 days (like 1 today and 1 yesterday). Note also that this has happened in the past as well. Upon seeing this, I am ...
user12002570's user avatar
user12002570
  • 1
-24 votes
1 answer
286 views

User (well, answerer) security on Stack Overflow [duplicate]

Earlier on I was perusing python questions, when I stumbled over a question - now deleted, asking something along the lines: How can I access this website with Selenium? Why is the page blank when I ...
user avatar
anon
20 votes
1 answer
2k views

Is this 'Run code snippet' with payload an attempt to infect SO users' machines with a virus?

Just wondering if there's a risk to a user's machine by clicking "Run Snippet" in questions like this one I'm suspicious because on the face of it the question doesn't look like it needs to ...
Caius Jard's user avatar
Caius Jard
  • 74.8k
2 votes
0 answers
148 views

Add an option in Settings to log out of a device that is logged in to your account

If someone is hacked/has a hacker running about in their account or just in general want to sign out on specific devices, having a list of devices currently logged in on the account under My Logins or ...
WhatTheClown's user avatar
WhatTheClown
  • 486
58 votes
2 answers
18k views

Adding HTML tags or HTML-tag-like to a title, breaks rendering

This question cannot be rendered. Simple multi-colored textarea based editor neither on question view, or list view. The bug is triggered by adding <textarea> or some other tag to the title, as ...
Arvind Kumar Avinash's user avatar
Arvind Kumar Avinash
  • 79.8k
236 votes
4 answers
4k views

Blindly Copy-Pasting Code is BAD: A Gentle Reminder!

A friendly reminder to all those who need it: Executing code you found online is BAD!!* Once more for the people in the back: Executing code you found online is BAD!!!!!* There's a great post on the ...
pho's user avatar
pho
  • 25.5k
5 votes
1 answer
386 views

Imgur secure connection failing

I was reviewing this question on Stack Overflow, it has two links to https://i.stack.imgur.com. I'm pretty sure these are images added to the question with the image tool (powered by Imgur) so I ...
stealththeninja's user avatar
stealththeninja
  • 3,801
68 votes
1 answer
2k views

Using a personal Stack Overflow account for a Team potentially allows your employer to take it over [closed]

This is based on this support request from fazy about several potential issues due to the fact that SO and Teams account are not separate entities. As this received no response, I tried one of the ...
Mad Scientist's user avatar
Mad Scientist
  • 18.6k
20 votes
1 answer
1k views

What kind of Access Control is used on Stack Overflow?

Recently I have done some research about different Access Control models and policies. My accent was on Role-Based Access Control, and one of the main disadvantages of it is that it is not dynamic (...
Ana Svitlica's user avatar
Ana Svitlica
  • 453
13 votes
0 answers
305 views

Breach or very strange coincidence?

It has been too long since I've updated my password on Stack Overflow, so I decided to do so a couple of days ago. I accidentally set it as the same password that I used on an old (forgotten, unused ...
egerardus's user avatar
egerardus
  • 11.5k
-9 votes
1 answer
196 views

Can I post executable binaries to into Stack Overflow?

I have updated the compiler, and I am struggling to get the binaries generated by the new compiler to work. I figure that besides describing the problem and the command lines involved, it will ...
lvella's user avatar
lvella
  • 13.5k
9 votes
0 answers
117 views

Why does Stack Overflow not use Content-Security-Policy HTTP header to prevent XSS attacks?

OWASP recommends using Content-Security-Policy HTTP header to prevent XSS attacks. I inspected Stack Overflow HTTP requests in the browser and didn't find any Content-Security-Policy HTTP header. Why ...
Daniel Barral's user avatar
Daniel Barral
  • 4,126

15 30 50 per page
1
2 3 4 5 6