pyramids Posted September 18, 2010 Share Posted September 18, 2010 Anyone know a quick fix for this issue reported by McAfee (I know it's minor, but need to fix anyway) in catalog/login.php enter: login.php?reason=>"></title></iframe></script></form></td></tr><br><iFraMe+src McAfee claims it is "Web Application Cross Site Scripting" Their fix is to sanitize the following: Ensure that parameters and user input are sanitized by doing the following: Remove < input and replace with < Remove > input and replace with > Remove ' input and replace with ' Remove " input and replace with " Remove ) input and replace with ) Remove ( input and replace with ( Just not sure where to put it? Link to comment Share on other sites More sharing options...
pyramids Posted September 18, 2010 Author Share Posted September 18, 2010 I just found the security mod http://addons.oscommerce.com/info/5752 Link to comment Share on other sites More sharing options...
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.