Cross Site Scripting Problem 7.0.3

Hi,

SiteLock security has just sent me an email saying that I have over 300 Cross Site Scripting vulnerabilities on my Dolphin 7.0.3 site. What is this and how do I fix it? If I don't get it fixed quickly, they are going to downgrade my security certificate.

Thanks,

Rob

Quote · 18 Nov 2010

Did they not provide you any details?

When a GIG is not enough --> Terabyte Dolphin Technical Support - Server Management and Support
Quote · 18 Nov 2010

Yes, what would you like to see?

Quote · 18 Nov 2010

I just went and read it. I think I have heard that Andrew was working on getting this fixed and that was about three days ago.

When a GIG is not enough --> Terabyte Dolphin Technical Support - Server Management and Support
Quote · 18 Nov 2010

This is a small section of the list of problems. They gave me a quote of $6,500 to fix the problem. That would be a real waste because as soon as an update comes out the fix would be wiped out. There are 325 of these problems.

http://xxxxxcycling.com/index.php?bx_videos_mode%3Dlast%26bx_photos_mode%3Dlast%26type%3Dall%26status%3Dapproved%26albumType%3Dbx_videos%26page%3D{page}%26per_page%3D{per_page}

Vulnerability

Page URL: http://xxxxxxcycling.com/index.php?bx_videos_mode%3Dlast%26bx_photos_mode%3Dlast%26type%3Dall%26status%3Dapproved%26albumType%3Dbx_videos%26page%3D{page}%26per_page%3D{per_page}

Xss Info: Cross site scripting vulnerability found in args albumType, bx_photos_mode, bx_videos_mode, page, per_page, status, type

http://xxxxxxxcycling.com/index.php?bx_photos_mode%3Dtop%26bx_videos_mode%3Dtop%26tags_mode%3Dad%26status%3Dapproved%26albumType%3Dbx_photos%26page%3D{page}%26per_page%3D{per_page}

Vulnerability

Page URL: http://xxxxxxxcycling.com/index.php?bx_photos_mode%3Dtop%26bx_videos_mode%3Dtop%26tags_mode%3Dad%26status%3Dapproved%26albumType%3Dbx_photos%26page%3D{page}%26per_page%3D{per_page}

Xss Info: Cross site scripting vulnerability found in args albumType, bx_photos_mode, bx_videos_mode, page, per_page, status, tags_mode

http://xxxxxxxcycling.com/index.php?bx_photos_mode%3Dtop%26bx_videos_mode%3Dtop%26tags_mode%3Dblog%26status%3Dapproved%26albumType%3Dbx_photos%26page%3D{page}%26per_page%3D{per_page}

Vulnerability

Page URL: http:/xxxxxxxcycling.com/index.php?bx_photos_mode%3Dtop%26bx_videos_mode%3Dtop%26tags_mode%3Dblog%26status%3Dapproved%26albumType%3Dbx_photos%26page%3D{page}%26per_page%3D{per_page}

Xss Info: Cross site scripting vulnerability found in args albumType, bx_photos_mode, bx_videos_mode, page, per_page, status, tags_mode

http://xxxxxxcycling.com/index.php?bx_photos_mode%3Dtop%26bx_videos_mode%3Dtop%26tags_mode%3Dbx_articles%26status%3Dapproved%26albumType%3Dbx_photos%26page%3D{page}%26per_page%3D{per_page}

Quote · 18 Nov 2010
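
The report above names query-string arguments on index.php whose values are reflected into the page; the usual remedy is to validate each argument and HTML-escape it at the point of output. The sketch below is an added example, not part of the original thread and not Dolphin's own code: the function names, the allow-listed values (taken only from the URLs in the excerpt) and the numeric bounds are assumptions.

```php
<?php
// Added example: hypothetical helpers, not Dolphin code.
// Allowed values are only those visible in the scanner excerpt (assumption);
// a real site would list every mode its modules actually support.
const ALLOWED = [
    'bx_videos_mode' => ['last', 'top'],
    'bx_photos_mode' => ['last', 'top'],
    'tags_mode'      => ['ad', 'blog', 'bx_articles'],
    'albumType'      => ['bx_videos', 'bx_photos'],
    'status'         => ['approved'],
    'type'           => ['all'],
];
const NUMERIC = ['page' => [1, 100000], 'per_page' => [1, 100]]; // assumed bounds

/** Keep only known parameters with allow-listed or in-range integer values. */
function clean_params(array $in): array
{
    $out = [];
    foreach (ALLOWED as $name => $values) {
        // Strict comparison; arrays (e.g. ?type[]=x) are rejected by is_string().
        if (isset($in[$name]) && is_string($in[$name])
            && in_array($in[$name], $values, true)) {
            $out[$name] = $in[$name];
        }
    }
    foreach (NUMERIC as $name => [$min, $max]) {
        $v = $in[$name] ?? null;
        if (is_string($v) && ctype_digit($v) && (int)$v >= $min && (int)$v <= $max) {
            $out[$name] = (int)$v;
        }
    }
    return $out;
}

/** Build one pagination link, escaping for the HTML attribute context. */
function pagination_link(array $get, int $page): string
{
    $params = clean_params($get);
    $params['page'] = $page;
    $href = 'index.php?' . http_build_query($params, '', '&', PHP_QUERY_RFC3986);
    return '<a href="' . htmlspecialchars($href, ENT_QUOTES, 'UTF-8') . '">' . $page . '</a>';
}

// Constructed input: one valid value, one value carrying markup, one unknown name.
$get = ['albumType' => 'bx_photos', 'tags_mode' => 'x"<b>', 'per_page' => '10', 'foo' => '1'];
echo pagination_link($get, 2), "\n";
```

Validation drops anything unexpected before it is used, and `htmlspecialchars()` with `ENT_QUOTES` ensures that whatever does reach the link cannot close the attribute or open a tag.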

I've sent you my email via PM. Please can you send me as many details as possible regarding this issue?

Quote · 19 Nov 2010
 
 