Toggle sidebar

Showing me logged in as other people

  • BushMoot: Come along to the amazing Summer Moot 31st July - 5th August (extended Moot : 27th July - 8th August), a festival of bushcrafting and camping in a beautiful woodland PLEASE CLICK HERE for more information.
Chris

Chris

Life Member
Staff member
Sep 20, 2022
3,062
4,431
Somerset, Yorkshire, Lincolnshire
I had this happen on mobile a minute ago and now seeing it on web, it's showing me as logged in as other users.

1758376192613.png

It's happened with a few different users, not just Danceswithhelicopters. When I go to my profile it goes to the correct profile, but something funky seems to be happening with auth tokens.
 
Just keeps asking me to log in, then when i click Log In, it comes up as "You are already logged in"
 
Is this a BcUK thing or Tappatalk?

ETA. I’m not on the app and all is well here.
 
Looks like a Highlander situation. Swords out! There can be only one!
 
Now. The header that @TeeDee is showing is different from mine. Is Iphone different layout from Android.

It looks as if I’m stuck with being me!!!
 
Chris said:
Looks like it’s a screenshot from a PC to me!
Click to expand...

Yes screen shot from PC - Its just been jumping around to several different people ( assume this it the same for everyone ) - also Notification bells are showing but when I go to the notification to read it - it doesn't 'clear; the notification bell -it remains there.

Just saying as feedback - 1st world issues , no massive headaches - just weird..
 
  • Like
Reactions: Chainsaw
Thanks for raising this, were looking into it.
For clarity, is it only the usernames that are getting messed up? No one is actually being logged in as anyone else?

And, its only happening when you log in on some pages (like the home page of the forums) and not all pages?

Thanks
 
From this screenshot from TeeDee it looks like at least partially permissions are also being applied (see banner at the top of his screenshot).

TeeDee said:
I'm getting this - I'm literally made up...

View attachment 97853
Click to expand...


It seems to only apply for that single page load, as when you click elsewhere it seems to log you back in as yourself. But the fact it is allowing it at all is a concern, as someone malicious with a bit of effort may be able to abuse this by manually replicating the erroneous authentication consistently and therefore persistently logging in with someone else’s permissions to cause mischief (or worse if they catch an admin’s session credentials).

It’s happened to me on a few pages.

Interestingly it has twice happened where I go to read a private message from someone, then when I navigate away from the inbox it shows me logged in as that specific person. Has happened with two different people who DMed me.
 
You must log in or register to reply here.

Similar threads

S
Ancient britain
Replies
10
Views
1K
Bushcraft and survival skills
Aristotle
A
B
Get Me Home
Replies
13
Views
3K
Kit Chatter
Woody girl
Woody girl
J
Hello from Sheffield :-)
Replies
16
Views
2K
Introductions & Welcomes
k9trev
k9trev
K
taking time walking off roads in my local area was very interesting indeed
Replies
3
Views
1K
Out and About
Condex
Condex
saxonaxe
Day Out Random ramblings.
Replies
4
Views
1K
Out and About
Tony
Tony

BCUK Shop

We have a a number of knives, T-Shirts and other items for sale.

SHOP HERE
Top Bottom