File Details
ClickLinks-2.2.2.zip
- R
- Jul 13, 2026
- 54.65 KB
- 1.3K
- 12.1.0+9
- Classic + 4
File Name
ClickLinks-2.2.2.zip
Supported Versions
- 12.1.0
- 12.0.7
- 12.0.5
- 12.0.1
- 5.5.3
- 4.4.2
- 3.80.0
- 3.4.5
- 2.5.5
- 1.15.8
Replacing cf.AddMessage puts an insecure function where secure code reads it. Blizzard's Group Finder event handlers print via ChatFrameUtil.DisplaySystemMessageInPrimary -> ChatFrame:AddMessage, tainting the execution; the subsequent LFGList results update then hits "attempt to compare a secret number value (execution tainted by 'ClickLinks')" at LFGList.lua:3236 (observed on 12.0.7).
URLs in normal chat events stay clickable through the existing taint-safe CHAT_MSG_* filters; only direct AddMessage writes (guild MOTD, addon prints) lose clickability, which is unavoidable - there is no taint-safe way to modify those. The Communities frame hook is unchanged.