normal xss Vulnerability?

More
10 years 4 months ago #6647 by suus Roelse
My Hostingprovider sends me a message that there is a xss Vulnerability? ([Joomla] XSS in Joomla change) in mega_etanol/html/com_contact/category/default_items.php
mega_etanol/html/com_contact/featured/default_items.php

what can i do? is there a patch?

Please Log in or Create an account to join the conversation.

More

Notice: Undefined variable: end_tag_params in /home/omegatheme/public_html/libraries/kunena/External/Nbbc/src/BBCode.php on line 2321

Notice: Undefined variable: end_tag_params in /home/omegatheme/public_html/libraries/kunena/External/Nbbc/src/BBCode.php on line 2321

Notice: Undefined variable: end_tag_params in /home/omegatheme/public_html/libraries/kunena/External/Nbbc/src/BBCode.php on line 2321
10 years 4 months ago #6648 by Trung Duong
Replied by Trung Duong on topic Re: xss Vulnerability?
Can you tell me more detail about those files ? What's is the problem ?

Regards

Support email: services(at)omegatheme(dot)com


Follow Us to keep updated!

[img


[img


[img]...[/img]

[img]...[/img]

[img]...[/img]

Please Log in or Create an account to join the conversation.

More
10 years 4 months ago #6659 by suus Roelse
Replied by suus Roelse on topic Re: xss Vulnerability?
they don't give more details... only that i have to fix it. i will ask if they can give more information.

Please Log in or Create an account to join the conversation.

More
10 years 4 months ago #6661 by suus Roelse
Replied by suus Roelse on topic Re: xss Vulnerability?
the answer that i got:

The problem is not literally in the template, but the template saves files in folders / files that are part of Joomla. In the folders / files where they are stored are leaks. As it a template, the files will be used where the template is stored. Because the leaks are here the scan recognizes it as vulnerability. The cause of the problem lies in Joomla itself in combination with the storage location of certain files from the template.

Please Log in or Create an account to join the conversation.

More
10 years 1 month ago #7103 by suus Roelse
Replied by suus Roelse on topic Re: xss Vulnerability?
my hosting gave me this link:

developer.joomla.org/security/352-201106...s-vulnerability.html

can i just delete the files in com_contact? or do you have a update?
/templates/mega_etanol/html/com_contact/category/default_items.php
/templates/mega_etanol/html/com_contact/featured/default_items.php

Please Log in or Create an account to join the conversation.

More
10 years 1 month ago #7106 by Trung Duong
Replied by Trung Duong on topic Re: xss Vulnerability?
Yes, you can delete these files. It's not problem with template.

Regards

Support email: services(at)omegatheme(dot)com


Follow Us to keep updated!

[img


[img


[img]...[/img]

[img]...[/img]

[img]...[/img]

Please Log in or Create an account to join the conversation.

Time to create page: 0.593 seconds

About Growth

Innovative tech for eCommerce growth

Contact Info

Head: No. 3, 175/55 Lane, Lac Long Quan St., Nghia Do Ward, Cau Giay District, Hanoi City, Vietnam