xxs Preventing Cross-Site Scripting Vulnerability

Author	« Topic »
tgorski Ecommerce Template Expert USA 910 Posts	Posted - 12/07/2017 : 13:49:20 One of our clients had to undergo a PCI Compliance Vulnerability test by their Payment Processor, Heartland Payment Systems, and our Hostek friends can handle it all EXCEPT the xxs ... they sent us a link to https://paragonie.com/blog/2015/06/preventing-xss-vulnerabilities-in-php-everything-you-need-know that lists a line of code that can be inserted into PHP pages to address the issue. So, in addition to wondering if THAT code can be used on a PHP ECT site (should we need to), do you have a similar fix for addressing the xxs issue in ASP? Thank You! Tim Gorski
Sinbad ECT Moderator USA 65937 Posts	Posted - 12/07/2017 : 14:08:28 Hi Tim, Ecommerce Templates is checked and scanned for such issues on a regular basis, we recommend that stores keep current so that they have all security fixes and enhancements. Should you have a question about a PCI scan that pertains to the shopping cart software please attach a copy of the scan and send to info AT ecommercetemplates DOT com Winners never quit, quitters never win CSS and Responsive Designs User Manual for Ecommerce Templates
Vince Administrator 42761 Posts	Posted - 12/08/2017 : 02:58:26 Hi Tim I've found the XSS issue they mentioned and I have a fix for it in testing. Once it's been tested I'll get the change into the v6.7 and v6.8 updaters for both ASP and PHP. That should be some time today but I'll let you know when it's ready. Vince Click Here for Shopping Cart Software Click Here to sign up for our newsletter Click Here for the latest updater
Vince Administrator 42761 Posts	Posted - 12/08/2017 : 04:41:20 Hi Tim The fix is now in the ASP and PHP v6.7 and v6.8 updaters. Vince Click Here for Shopping Cart Software Click Here to sign up for our newsletter Click Here for the latest updater
tgorski Ecommerce Template Expert USA 910 Posts	Posted - 12/08/2017 : 11:55:31 Thanks, Vince Tim Gorski
	« Topic »