Hello,
I have received the following from a sitelock scan of my site:
URL:http://www.adventureparagliding.com/ind ... ed20cbd373
feb8d=1
Cross site scripting vulnerability found in args:0a642c3915808c407ed20cbd373feb8d,controller
URL:http://www.adventureparagliding.com/ind ... ed20cbd373
feb8d=1&586bb09e58848feaa9b484e3a1ddf34d=1
Cross site scripting vulnerability found in args:0a642c3915808c407ed20cbd373feb8d,586bb09e58848feaa9b484e3a1ddf34d,controller
URL:http://www.adventureparagliding.com/ind ... 9b484e3a1d
df34d=1
Cross site scripting vulnerability found in args:586bb09e58848feaa9b484e3a1ddf34d,controller
I have the most updated version of phoca gallery and not sure why i am getting this problem. Please advise.
sitelock xss vulnerability
-
Jan
- Phoca Hero
- Posts: 49144
- Joined: 10 Nov 2007, 18:23
- Location: Czech Republic
- Contact:
Re: sitelock xss vulnerability
Hi, which version of Phoca Gallery you are using, testing now cannot confirm any issue with the links 
If you find Phoca extensions useful, please support the project
-
apsnemsf
- Phoca Newbie
- Posts: 2
- Joined: 24 Mar 2014, 16:23
Re: sitelock xss vulnerability
Version
3.2.7
Sitelock says the above reference files as well as several others of the same origination are xss vulnerable and have removed my badge from my page.
3.2.7
Sitelock says the above reference files as well as several others of the same origination are xss vulnerable and have removed my badge from my page.
-
Jan
- Phoca Hero
- Posts: 49144
- Joined: 10 Nov 2007, 18:23
- Location: Czech Republic
- Contact:
Re: sitelock xss vulnerability
Hi, testing now again and see nothing vulnerable in the code above
Jan
Jan
If you find Phoca extensions useful, please support the project