cvZip’de XSS açığı yazısına yapılan yorumlar

Bahadir tarafından

Bahadir — Sat, 20 Sep 2008 18:33:22 +0000

Bu yazıyı kaldırmanızı rica ediyorum, gerekli değişiklikler yapıldı ve açık kapatıldı.

Teşekkürler

ismet öztürk tarafından

ismet öztürk — Wed, 17 Sep 2008 18:35:20 +0000

It is a Cross-Site scripting vulnerability that can let hackers to steal your visitors cookies. For example hacker can add malicious scripts to your site by entering code to serach box and email this link to victims (your visitors). To prevent XSS on your web site you have to filter every input from user.
There are several xss filter functions on the web. I recommend you to use this one: http://kallahar.com/smallprojects/php_xss_filter_function.php

tarek tarafından

tarek — Mon, 15 Sep 2008 19:39:29 +0000

Hi there;
so what is the problem is that a bug? what you can for us ? can you solve the problem ?
can you give more info plz