Hi guys. I am having a serious issue with spam and I'm not sure where it is coming from. Spam links are being injected into all pages on page load before the <doctype>, and in the CMS backend on every 'publish' spam being crammed into every space it can fill causing all sorts of errors. I fixed this a couple days ago by deleting the Sapphire directory and replacing it with a fresh version, but the problem is already back. I sent a security message off to the SS team a few days ago.
Anyone know what's causing this? My client is going crazy - and rightly so. I've checked all file and directory permissions and everything looks good there. If replacing the sapphire directory fixes it then I guess the problem lies there. Any specific ideas of what to look at?