
Light cross-site scripting vulnerability fix


abantecart:
A light cross-site scripting vulnerability has been detected in AbanteCart.
The detected vulnerability does not cause any harm to AbanteCart or its content.
To fix the problem, please read below.

Affected versions: Up to 1.1.3

About the risk: This is a low-risk cross-site scripting vulnerability. No potential harm to code, database or server structure.

About the fix:
The fix is only 1 file, which can be replaced or changed manually.
Option 1 (version 1.1.3):
Locate the file /core/engine/html.php and replace it with the attached file.

Option 2 (prior to version 1.1.3):
Locate and open the file /core/engine/html.php
Locate the code below (about line # 114)


--- Code: ---
public function removeQueryVar($url, $vars) {
    list($url_part, $q_part) = explode('?', $url);
    parse_str($q_part, $q_vars);
    if (!is_array($vars)) {
        $vars = array( $vars );
    }
    foreach ($vars as $v)
        unset($q_vars[ $v ]);

    $new_qs = urldecode(http_build_query($q_vars));
    return $url_part . '?' . $new_qs;
}
--- End code ---

Replace it with the code below:

--- Code: ---
public function removeQueryVar($url, $vars) {
    list($url_part, $q_part) = explode('?', $url);
    parse_str($q_part, $q_vars);
    if (!is_array($vars)) {
        $vars = array( $vars );
    }
    foreach ($vars as $v)
        unset($q_vars[ $v ]);

    // clean every remaining value before it is written back into the URL
    foreach ($q_vars as $key => $value)
        $q_vars[$key] = $this->request->clean($value);

    $new_qs = urldecode(http_build_query($q_vars));
    return $url_part . '?' . $new_qs;
}
--- End code ---

This issue is thoroughly addressed and eliminated in the coming version of AbanteCart.
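The following is an added, stand-alone example and not AbanteCart's own code. It places the pre-fix behaviour of removeQueryVar() next to the patched behaviour and runs both over a constructed attacker URL, so the reason the fix works is visible: urldecode() reverses the percent-encoding that http_build_query() applied, so anything an attacker put in a query value comes back verbatim unless it was cleaned first. The helper names (clean_value, strip_query_vars, removeQueryVarVulnerable, removeQueryVarFixed) and the sample URL are assumptions made for the example; clean_value() is a stand-in for $this->request->clean(), whose body is not shown in the post, and is assumed here to HTML-escape its input.

```php
<?php
// Added example, not AbanteCart's own code: pre-1.1.3 removeQueryVar()
// behaviour next to the patched behaviour, run against a constructed URL.

// Stand-in for AbanteCart's $this->request->clean(), whose body is not shown
// on the page; ASSUMED here to HTML-escape the value (arrays recursively).
function clean_value($value)
{
    if (is_array($value)) {
        return array_map('clean_value', $value);
    }
    return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
}

// Shared helper (assumed name): split the URL and drop the named query vars.
// explode() with a limit of 2 keeps a '?' inside a value from truncating it,
// and a URL without any '?' yields an empty query instead of an undefined index.
function strip_query_vars($url, $vars)
{
    $parts = explode('?', $url, 2);
    $url_part = $parts[0];
    $q_part = isset($parts[1]) ? $parts[1] : '';
    parse_str($q_part, $q_vars);
    foreach ((array) $vars as $v) {
        unset($q_vars[$v]);
    }
    return array($url_part, $q_vars);
}

// Pre-fix behaviour: values go back into the URL exactly as received, because
// urldecode() undoes the percent-encoding that http_build_query() applied.
function removeQueryVarVulnerable($url, $vars)
{
    list($url_part, $q_vars) = strip_query_vars($url, $vars);
    return $url_part . '?' . urldecode(http_build_query($q_vars));
}

// Patched behaviour: every value that survives is cleaned first, so '<', '>'
// and '"' reach the page as HTML entities rather than as markup.
function removeQueryVarFixed($url, $vars)
{
    list($url_part, $q_vars) = strip_query_vars($url, $vars);
    foreach ($q_vars as $key => $value) {
        $q_vars[$key] = clean_value($value);
    }
    return $url_part . '?' . urldecode(http_build_query($q_vars));
}

// Constructed attacker URL: the "sort" value closes a quoted attribute and
// injects a script tag; "page" is the parameter the caller wants removed.
$url = 'index.php?rt=product/category&path=20'
     . '&sort=%22%3E%3Cscript%3Ealert(1)%3C%2Fscript%3E&page=2';

echo "vulnerable: ", removeQueryVarVulnerable($url, 'page'), "\n";
echo "fixed:      ", removeQueryVarFixed($url, 'page'), "\n";
```

Run it with `php` from the command line. The vulnerable version hands back the raw `"><script>alert(1)</script>` inside the sort value, which is exactly what lands in the page when the caller prints the rebuilt URL into a link; the fixed version returns the same value with its quotes and angle brackets turned into HTML entities, which the browser renders as text. One caveat for anyone reusing the pattern: because urldecode() is still applied after cleaning, the returned string is HTML-escaped but not percent-encoded, so it is suited to being written into HTML output and should not be handed to code that expects a properly URL-encoded query string.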

DamonPadilla:

--- Quote from: abantecart on February 16, 2013, 02:55:47 PM ---
Light cross-site scripting vulnerability has been detected in AbanteCart.
Detected vulnerability does not cause any harm to AbanteCart or content.
To fix the problem, please read below.
--- End quote ---

Thanks for sharing the code. I am facing a similar vulnerability and now I think my problem is solved. Thanks again.
