Tagged: cross-site scripting attack
I recently got this message from a stranger via my contact form on my website (www.dancinshoesdj.com). Is there anything to it?
I’m a Finnish security researcher. This site is vulnerable to reflected Cross-site Scripting attacks. Please see my web-site – latest blog entry – about the issue that affects multiple themes by Kriesi.
I would have posted this information to Kriesi’s support forum, but I’m not their customer and therefore cannot login. I feel I must now contact some vulnerable sites, because you have the possibility to ask for corrections from the developer.
I believe Kriesi is already aware of the issues Janne presents but just in case I’m tagging Kriesi as well as the rest of the support team to this thread.
The topic ‘Broadscope theme vulnerable to Cross-site scripting attacks?’ is closed to new replies.