[ic] XSS Cross-Site Scripting Vulnerability's ?

Sam Batschelet sam at westbranchresort.com
Wed Dec 17 19:41:32 UTC 2008

I am trying to plug up my XSS holes in interchange but keep getting a error
from my credit card service provider when they run a test on the system.
Just upgraded to 5.6.1 and per the upgrade notes I have been replacing
[value x] with [evalue x] in form data.  Many of my catalogs were built
around 4.6 using a modified standard demo so flypage (which is what they are
complaining about) etc might not be up to date.  But before I go crazy going
page to page is there a guide for addressing XSS in Interchange or a listing
of vulnerabilities that have been plugged.  Any help with this would be
great as my credit card company is cracking down on this which is a good
thing but I am also trying to update all of the catalogs in a timely,
efficient fashion.  Thanks in advance.

More information about the interchange-users mailing list