PassMark Logo
Home » Forum

Announcement

Collapse
No announcement yet.

V6 - XSS Vulnerability testing

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • V6 - XSS Vulnerability testing

    Hi

    I have been told that one of my sites has an XSS vulnerability and after running XSS ME (Firefox add-on) the only issue I can detect appears to relate to my zoom_query search input box. The site is passing the XSS String Test but I’m getting reports certain characters were found to be unencoded (the characters identified are ; \ / ‘ =).

    Is there a way to correct the code to fix this issue?

    Thank you

  • #2
    We no longer support V6.
    But we are not aware of any issue. Even if it was true (and I don't think it is), a couple of unencoded characters doesn't mean there is a XSS issue.
    If you can show an actual example of a XSS issue in V6, we can check if there is the same behaviour in V7.

    Comment

    Working...
    X