integry / livecart

PHP e-commerce storefront software
http://livecart.com
Open Software License 3.0

1.4.0.1 Cross-site Scripting Vulnerability #20

Open sneader opened 13 years ago

sneader commented 13 years ago

Our 1.4.0.1 LiveCart installation is failing PCI Scans because of supposed "cross-site scripting vulnerability". I have asked the PCI scanning company to provide details and here is what they have given us:
Thank you for your email. I have been going through the scan issues, and I was able to confirm the cross-site scripting issue. I have attached a file output of my testing to show that the server is not properly sanitizing, and allowing scripting to execute. The request I did was the following:

GET /index.php/">alert(123) HTTP/1.0
Host: iacantennas.com
User-Agent: Mozilla/4.0
Connection: Keep-alive

I did this through a command line/terminal window. When doing it in a browser, some browsers will have their own sanitization setup to conflict with our requests, so we do them from terminal to prevent the browser from mishandling the information. If you connect to port 443 through a command line interface, and do the above request, you should be able to see the source code echoing back with request unsanitized, and executing properly.
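The scanner's finding is a reflected cross-site scripting pattern: part of the request path is written back into the page's HTML without being encoded, so a quote character in the path can close an attribute. The PHP below is an added illustration of that bug class and its fix, not code from LiveCart or from the issue; the `render_vulnerable` and `render_hardened` functions and the sample path are constructed for the example, and the page does not say where in LiveCart the reflection occurs.

```php
<?php
// Added example (not LiveCart's own code): a constructed template fragment
// that echoes the request path into an HTML attribute, first unencoded and
// then encoded for the attribute context, plus a local self-check.

// Vulnerable pattern: the raw request URI goes straight into an attribute
// value, so a path containing a double quote terminates the attribute and
// whatever follows is interpreted as markup.
function render_vulnerable(string $requestUri): string
{
    return '<form action="' . $requestUri . '" method="post">';
}

// Hardened pattern: encode for the HTML attribute context before echoing.
// ENT_QUOTES encodes both quote styles; ENT_SUBSTITUTE avoids returning an
// empty string on invalid UTF-8, which would otherwise silently drop output.
function render_hardened(string $requestUri): string
{
    $safe = htmlspecialchars($requestUri, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<form action="' . $safe . '" method="post">';
}

// Check a site owner can run against their own rendering function: does the
// produced HTML still contain the attacker-controlled quote sequence verbatim?
function reflects_unencoded(string $html, string $marker): bool
{
    return strpos($html, $marker) !== false;
}

// Constructed sample path, modelled on the request quoted in the scanner's
// email above. The marker is the part that breaks out of the attribute.
$samplePath = '/index.php/">alert(123)';
$marker     = '">alert(123)';

$vuln = render_vulnerable($samplePath);
$hard = render_hardened($samplePath);

echo "vulnerable: $vuln\n";
echo "hardened:   $hard\n";
echo "vulnerable reflects raw input: " . (reflects_unencoded($vuln, $marker) ? 'yes' : 'no') . "\n";
echo "hardened reflects raw input:   " . (reflects_unencoded($hard, $marker) ? 'yes' : 'no') . "\n";
```

Run it with `php example.php`: the vulnerable output keeps the `">` sequence intact, while the hardened output renders it as `&quot;&gt;`, which the browser treats as text inside the attribute rather than as the end of it. The same encode-at-output rule applies to every place the path, query string, or any other request data is written into a page, and the encoding function must match the context (attribute, element body, JavaScript string, URL) it is written into.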