pyramids Posted September 18, 2010 Posted September 18, 2010 Anyone know a quick fix for this issue reported by McAfee (I know it's minor, but need to fix anyway) in catalog/login.php enter: login.php?reason=>"></title></iframe></script></form></td></tr><br><iFraMe+src McAfee claims it is "Web Application Cross Site Scripting" Their fix is to sanitize the following: Ensure that parameters and user input are sanitized by doing the following: Remove < input and replace with < Remove > input and replace with > Remove ' input and replace with ' Remove " input and replace with " Remove ) input and replace with ) Remove ( input and replace with ( Just not sure where to put it?
pyramids Posted September 18, 2010 Author Posted September 18, 2010 I just found the security mod http://addons.oscommerce.com/info/5752
Recommended Posts
Archived
This topic is now archived and is closed to further replies.