Home » Forum
  • If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.


No announcement yet.

V6 - XSS Vulnerability testing

  • Filter
  • Time
  • Show
Clear All
new posts

  • V6 - XSS Vulnerability testing


    I have been told that one of my sites has an XSS vulnerability and after running XSS ME (Firefox add-on) the only issue I can detect appears to relate to my zoom_query search input box. The site is passing the XSS String Test but Iím getting reports certain characters were found to be unencoded (the characters identified are ; \ / Ď =).

    Is there a way to correct the code to fix this issue?

    Thank you

  • #2
    We no longer support V6.
    But we are not aware of any issue. Even if it was true (and I don't think it is), a couple of unencoded characters doesn't mean there is a XSS issue.
    If you can show an actual example of a XSS issue in V6, we can check if there is the same behaviour in V7.