Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

XSS #1443

Closed
zhonghaozhao opened this issue Jun 24, 2017 · 5 comments
Closed

XSS #1443

zhonghaozhao opened this issue Jun 24, 2017 · 5 comments
Labels

Comments

@zhonghaozhao
Copy link

zhonghaozhao commented Jun 24, 2017

[removed]

affect 1.6.0

@drbyte
Copy link
Member

drbyte commented Jun 24, 2017

Thanks. Please report security concerns by email to security[at] zen-cart [dot]com

@drbyte
Copy link
Member

drbyte commented Jun 24, 2017

The XSS allegation you posted can't be replicated on a legitimate fresh install of v1.6.0 on latest PHP version.

Closing.

@drbyte drbyte closed this as completed Jun 24, 2017
@zhonghaozhao
Copy link
Author

I send a email to your security partment, and you guy reproduced this issuse. I want to know whether this issuse is fixed or not? How is it going ?

@drbyte
Copy link
Member

drbyte commented Jun 30, 2017

See #1446

@drbyte
Copy link
Member

drbyte commented Jul 3, 2017

Thanks for the report.

It is important to note: Zen Cart v1.6.0 is UNRELEASED CODE at this time. This version is not in use on live websites.

@drbyte drbyte added the invalid label Apr 18, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

2 participants