AbanteCart Community
Shopping Cart Operations => Security => Topic started by: abantecart on February 16, 2013, 02:55:47 PM
-
Light cross-site scripting vulnerability has been detected in AbanteCart.
Detected vulnerability does not cause any harm to AbanteCart or content.
To fix the problem, please read below.
Effected versions: Up to 1.1.3
About Risk: This is a low risk cross-site scripting vulnerability. Not potential harm to code, database or server structure.
About the fix:
Fix is only 1 file that can be replaces or change manually
Option 1 (version 1.1.3):
Locate file: /core/engine/html.php and replace with attached file
Option 2 (prior to version 1.1.3)
Locate and open file: /core/engine/html.php
Locate below code (about line # 114)
public function removeQueryVar($url, $vars) {
list($url_part, $q_part) = explode('?', $url);
parse_str($q_part, $q_vars);
if (!is_array($vars)) {
$vars = array( $vars );
}
foreach ($vars as $v)
unset($q_vars[ $v ]);
$new_qs = urldecode(http_build_query($q_vars));
return $url_part . '?' . $new_qs;
}
Replace with below code:
public function removeQueryVar($url, $vars) {
list($url_part, $q_part) = explode('?', $url);
parse_str($q_part, $q_vars);
if (!is_array($vars)) {
$vars = array( $vars );
}
foreach ($vars as $v)
unset($q_vars[ $v ]);
foreach ($q_vars as $key => $value)
$q_vars[$key] = $this->request->clean($value);
$new_qs = urldecode(http_build_query($q_vars));
return $url_part . '?' . $new_qs;
}
This issue is toughly addressed and eliminated in coming version of AbanteCart
-
Light cross-site scripting vulnerability has been detected in AbanteCart.
Detected vulnerability does not cause any harm to AbanteCart or content.
To fix the problem, please read below.
Thanks for sharing the code.. I am facing similar vulnerability and now I think my problem is solved.. Thanks again