gmapfp

Official site of the GMapFP Google Map component for Joomla

GMapFP Forum :: Security issues
Subject: Re: JCE security leak.. 01-03-2012 17:29:07
Guest

The bug seems to be fixed with the new JCE version.

Subject: Re: JCE security leak.. 31-12-2011 11:05:26
gmapfp
Moderator
Joined: 10-06-2009 11:43:41
Posts: 1,833
Location: France

Hi,

Which function of "JCE" is dangerous?

You can choose to use "TinyMCE" as the default editor for users and JCE for specific users?

Fabrice4821
Subject: Re: JCE security leak.. 26-12-2011 11:59:43
Guest

Thank you for your reply.

Of course, I checked the "Permissions" pane. With that I found out that it is the "administrator" right and not, e.g., the "registered user" right. I cancelled all permissions but the administrator's permission in JCE and it still entered the backend. Then I cancelled the administrator's permissions in JCE and this affected the JCE behaviour of the form view in the frontend.

Subject: Re: JCE security leak.. 24-12-2011 14:37:17
gmapfp
Moderator
Joined: 10-06-2009 11:43:41
Posts: 1,833
Location: France

Hi,

Have you looked at the "Permissions" pane of JCE's "Options"?

Fabrice4821
Subject: JCE security leak.. 19-12-2011 23:24:00
Guest

First: Thank you for this great component!

I'm using JCE in my website. I put the form to submit a place at the frontend to give every (unregistered) user the opportunity to submit places. I knew that there could be misuse because of a missing captcha. But I thought it was safe, because I have to publish the entries first.

Now I found out that even guests have administrator rights in the "description" and "opening time and prices" view.

That is the reason why JCE displays all information of my site backend to everybody. I tried to change the rights of administrators in the JCE options. With that I fixed the leak, but now administrators can't use the full functionality of JCE.
