I recently got this message from a stranger via my contact form on my website (www.dancinshoesdj.com). Is there anything to it?
I’m a Finnish security researcher. This site is vulnerable to reflected Cross-site Scripting attacks. Please see my web-site – latest blog entry – about the issue that affects multiple themes by Kriesi.
I would have posted this information to Kriesi’s support forum, but I’m not their customer and therefore cannot login. I feel I must now contact some vulnerable sites, because you have the possibility to ask for corrections from the developer.