JaTiTV/T2Code-Alias
1
0
Fork 0
Code Issues Pull Requests Projects Releases 17 Wiki Activity

1.1.1

Browse Source 
This update fixes a security vulnerability where players with modified clients could intercept all commands.
This bug affects the proxy (Bungee, Waterfall etc.)!
This commit is contained in:
JaTiTV
2022-07-19 18:27:07 +02:00
parent a7518530c7
commit 6586ac4ee9
2 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/main/java/net/t2code/alias/Bungee/system/BListener.java
View File

@@ -15,7 +15,7 @@ public class BListener implements Listener {
@EventHandler
public void onPluginmessage(PluginMessageEvent event) {
if (event.getTag().equalsIgnoreCase("t2codealias:bungee")) {
event.setCancelled(true);
DataInputStream stream = new DataInputStream(new ByteArrayInputStream(event.getData()));
try {
String channel = stream.readUTF();