SHELTINATOR2000: DO NOT OPEN THEIR THREADS

For now.

If this person is legitimately some white hat testing the forum security, they will not object to anyone contacting the mods to confirm this.

If not, the sooner we draw attention to their activities and the more users we prevent from being adversely affected, the better.

It is entirely possible that this individual and their intentions are legitimate and benign. I am just warning people in case this escalates.

If nothing else, opening a thread and being logged out of your account is annoying. I'd like to help people avoid that.

Allowing users to make any kind of submission to your website immediately opens the door to a myriad of potential security risks. But there is no other way to operate a forum. You have to allow users to submit inputs to your site in some capacity.

However, this forum does seem to leave the door open to a range of bizarre functions while limiting other functionality for no apparent reason.

My suspicion is that this forum uses generic software on the front and back-end, and certain functionality has either been left on by default or turned on by mistake.

Meanwhile other needed features (such as an edit or delete button) remain unavailable, perhaps because the generic software does not offer that functionality or it does not function in line with the requirements or desires of the admins.

Why they do not create some custom functions to handle it is hard to say. But I would speculate that the admins do not have permission to edit it (either due to TPC mandates or the software provider's own licensing restrictions) or more worryingly, may not have people with the requisite skills to implement it.

But I doubt anyone on the adin or moderation teams will give us clear answers in any case.