Tag Archives: catalogsearch

Magento Catalog Search XSS on Some Themes

Posted on April 2, 2011 by Mark

We’ve seen a few customers failing PCI scans due to Cross Site Scripting (XSS) vulnerabilities on the catalogsearch page. Initially it seemed like it was a bug in Magento where it wasn’t sanitizing its input but when we tried to … Continue reading →

Posted in Magento, php | Tagged catalogsearch, crumbInfo, htmlEscape, magento, PCI, theme, xss | 5 Comments

United States

United Kingdom

Australia

Extended Services

Tag Archives: catalogsearch

Magento Catalog Search XSS on Some Themes

Popular Posts

Categories