ProductCart E-Commerce Solutions Homepage
Forum Home Forum Home > ProductCart > Using ProductCart
  New Posts New Posts RSS Feed - Possible bug with the recent XSS patch.
  FAQ FAQ  Forum Search   Events   Register Register  Login Login

Possible bug with the recent XSS patch.
 Post Reply Post Reply
Author
Message
  Topic Search Topic Search  Topic Options Topic Options
Brett View Drop Down
Groupie
Groupie
Avatar

Joined: 22-April-2008
Location: Phoenix, AZ
Status: Offline
Points: 89 		Post Options Post Options   Thanks (0) Thanks(0)   Quote Brett Quote  Post ReplyReply Direct Link To This Post Topic: Possible bug with the recent XSS patch.
    Posted: 14-June-2011 at 10:25pm
I believe the patch included one file which was something like view message for the pcadmin folder. I tried to consolidate a customer account and the message came up like this:

Quote
The email you have chosen is already in use by another customer. If you still wish to use this e-mail for this customer account, <a href=''viewcustb.asp?key4=customeremail@address.com''>search</a> for all customers with the same e-mail address, consolidate their accounts into one using the corresponding feature (orders are moved to the consolidated account), and then remove the accounts that are no longer needed.


So the URL isn't correctly appearing. Is anyone else experiencing this error?

Edited by Brett - 14-June-2011 at 10:26pm
Back to Top
ProductCart View Drop Down
Admin Group
Admin Group

ProductCart Team

Joined: 01-October-2003
Status: Offline
Points: 135 		Post Options Post Options   Thanks (0) Thanks(0)   Quote ProductCart Quote  Post ReplyReply Direct Link To This Post Posted: 15-June-2011 at 2:27pm
Hi Brett: we are looking into this. The security fix we introduced is causing the issue. We are reviewing the matter and we'll have a solution soon.
The ProductCart Team

Home of ProductCart shopping cart software
Back to Top
ProductCart View Drop Down
Admin Group
Admin Group

ProductCart Team

Joined: 01-October-2003
Status: Offline
Points: 135 		Post Options Post Options   Thanks (0) Thanks(0)   Quote ProductCart Quote  Post ReplyReply Direct Link To This Post Posted: 15-June-2011 at 6:27pm
We posted the updated patch.
http://www.earlyimpact.com/productcart/technical-support.asp#updates

Thank you for pointing out the issue with the way the fix was affecting the display of certain Control Panel messages.


Edited by earlyimp - 15-June-2011 at 6:28pm
The ProductCart Team

Home of ProductCart shopping cart software
Back to Top
 Post Reply Post Reply
  Share Topic   

Forum Jump Forum Permissions View Drop Down

Forum Software by Web Wiz Forums® version 12.04
Copyright ©2001-2021 Web Wiz Ltd.

This page was generated in 0.070 seconds.