Convoro
← Back to extensions

Accepted Answers

Turn categories into Q&A. The person who asked (or staff) can mark a reply as the accepted answer — it gets a green check and the thread shows as solved. Perfect for help and suppo...

Turn categories into Q&A. The person who asked (or staff) can mark a reply as the accepted answer — it gets a green check and the thread shows as solved. Perfect for help and support communities.

AI security review

Reviewed safe · 96/100
A well-scoped Q&A 'accepted answer' extension using standard Laravel framework patterns with proper authorization checks. No RCE, SSRF, SQL injection, hardcoded credentials, or external exfiltration observed.
  • low · GET state route is public — /api/ext/solved/topic/{topic} (web middleware, no auth) exposes isQa/solvedPostId for any topic; this is non-sensitive forum metadata and the toggle/admin routes are correctly gated by auth/admin middleware plus canMark checks. Minor information exposure only.
  • low · Admin page builds raw HTML — In Extension::adminPage(), category names are passed through htmlspecialchars() before interpolation and the JS/CSS are static heredocs, so no obvious injection; flagged only because raw HTML assembly is used rather than templating.

Automated review of v1.0.2 by claude-opus-4-8 1 week ago. This is an automated signal to aid your judgment — not a guarantee.