Mainstreet Affiliates: Late Commission Payments

[mironyanov]

Uh, is customer service responding to anyone?

 

[MissExposé]

Hello @mironyanov. Are you referring to AGD customer service?

 

[mironyanov]

Hi! I'm talking about Mainstreet support.

Hello @mironyanov. Are you referring to AGD customer service?

 

[MissExposé]

@mironyanov if you wish us to try and help, please send us your affiliate account username via private message (I will send you one first).

 

[MissExposé]

@mironyanov thank you for providing the information needed, we have sent the email to the reps and will notify you if there is a feedback.

 

[mainstreet]

Dear Partner,

I will ask accounting team to contact you soon.

Thanks

 

[ultra100]

Hi Mainstreet Affiliates Team,

I recently logged into my Mainstreet Affiliates account to check if there was any activity from the past traffic I had sent to you, and I noticed a pretty serious security issue. The username and password are being passed in the URL parameters (?afflogin=xxx&affPwd=xxx).

This is not only bad practice, but it also represents a serious security risk. Credentials can be stored in browser history and server logs. Login credentials should never be sent via URL parameters — instead, they should be transmitted securely via POST requests over HTTPS.

I just noticed this now, not sure how long it has been going on, but this clearly puts affiliates at risk — could you please check this with your dev team ASAP?

Just wanted to flag this for the community and the team, so everyone is aware and it can be addressed.