Mick wrote: ↑
Sat Oct 19, 2019 9:30 am
Stopping PNG’s alone is only a small part of it.
yes, it's true not only for images, but for nearly any file format. So, to keep you board free of injection through resources not controlled by yourself, you should
- disable attachments
- disable external linking
- disable posting (someone can tell people to visit a certain web site which injects visitor's local devices or write down a malicious shell script and tell others to execute it on their local machine)
- and finally disable your board - internet is a high risky environment , so nobody should visit it.