Viewing 4 posts - 1 through 4 (of 4 total)
  • Author
    Posts
  • #17425

    I recently got this message from a stranger via my contact form on my website (www.dancinshoesdj.com). Is there anything to it?

    I’m a Finnish security researcher. This site is vulnerable to reflected Cross-site Scripting attacks. Please see my web-site – latest blog entry – about the issue that affects multiple themes by Kriesi.

    I would have posted this information to Kriesi’s support forum, but I’m not their customer and therefore cannot login. I feel I must now contact some vulnerable sites, because you have the possibility to ask for corrections from the developer.

    Kind Regards,

    Janne Ahlberg

    http://jannefi.blogspot.fi/

    #95426

    Hi greensleeves,

    I believe Kriesi is already aware of the issues Janne presents but just in case I’m tagging Kriesi as well as the rest of the support team to this thread.

    Regards,

    Mya

    #95427

    Hi!

    See: http://www.kriesi.at/support/topic/xss

    Best regards,

    Peter

    #95428

    Hi!

    I am aware and the updates are already in the pipeline, once they are approved from themeforest you will be able to download them ;)

    Regards,

    Kriesi

Viewing 4 posts - 1 through 4 (of 4 total)

The topic ‘Broadscope theme vulnerable to Cross-site scripting attacks?’ is closed to new replies.