Cross site scripting and other vulnerabilities?

Is Coranto not working properly for you? Here's where to ask for support help; for best results, follow these steps:
  • - Check your core/addon documentation for possible solutions
  • - Search these forums for similar problems that have already been solved
  • - If you're still stumped, check out THIS TOPIC, and post your question in this forum!!

Moderators: Spunkmeyer, Dale Ray, SrNupsen, Bluetooth, Jackanape

Cross site scripting and other vulnerabilities?

Postby Jgold723 » Mon Jun 30, 2014 6:43 pm

We recently underwent a PCI compliance scan on our server and one of the things it picked up was a cross site scripting vulnerability in an older perl script (although nothing in Coranto).

But, these scans (which now happen quarterly) seem to pick up different things each time and I'm getting a little concerned that one of these times, It's going to find an issue with Coranto.

So I thought I'd approach this proactively, since I really, really, really want to keep our installation of Coranto. It's the best CMS I've ever used and we've built our entire site around it.

Is anyone aware of an XSS issues with Coranto? And if so, what would the solutions be? Feel free to PM me if you don't think the specifics should be posted here.
Jgold723
 
Posts: 63
Joined: Wed Jan 10, 2007 6:44 pm

Re: Cross site scripting and other vulnerabilities?

Postby SrNupsen » Wed Jul 23, 2014 4:18 pm

Never heard of any such issue/problem.
-----------------------------------------------------------------------------------------------------
Coranto is free software. I am available for custom work or troubleshooting.

http://www.sundaune.no - transkripsjon, webdesign, nettsider, tekstbyrå
http://www.vagbladet.no - satire, politikk, kultur, sport, nettavis
-----------------------------------------------------------------------------------------------------
SrNupsen
 
Posts: 2229
Joined: Tue Jan 09, 2007 6:46 pm
Location: Nesodden, outside Oslo, Norway

Re: Cross site scripting and other vulnerabilities?

Postby Dale Ray » Sat Aug 02, 2014 3:48 pm

There are a number of sites that explain how to test for this issue. Here is one. If you are concerned you should be testing any script you use not just Coranto.
Dale Ray
User avatar
Dale Ray
 
Posts: 1001
Joined: Sun Jan 19, 2003 6:02 pm
Location: NW Indiana


Return to Troubleshooting

Who is online

Users browsing this forum: No registered users and 1 guest

cron