[ic] XSS Cross-Site Scripting Vulnerability's ?
Sam Batschelet
sam at westbranchresort.com
Wed Dec 17 19:41:32 UTC 2008
I am trying to plug up my XSS holes in interchange but keep getting a error
from my credit card service provider when they run a test on the system.
Just upgraded to 5.6.1 and per the upgrade notes I have been replacing
[value x] with [evalue x] in form data. Many of my catalogs were built
around 4.6 using a modified standard demo so flypage (which is what they are
complaining about) etc might not be up to date. But before I go crazy going
page to page is there a guide for addressing XSS in Interchange or a listing
of vulnerabilities that have been plugged. Any help with this would be
great as my credit card company is cracking down on this which is a good
thing but I am also trying to update all of the catalogs in a timely,
efficient fashion. Thanks in advance.
More information about the interchange-users
mailing list