We recently released a security patch to address an XSS vulnerability in the admin login page. Zen Cart takes security very seriously, and in addition to responding to published security alerts as quickly as possible, we also try, where we can, to preempt those people who attempt to use published vulnerabilities to craft new hacks.

Accordingly, after a review of the admin code, we are releasing on a zero-day basis a patch to the admin code that addresses (so far unpublished) possible XSS vulnerabilities in Zen Cart.

The patch instructions are shown below.
A zip of this changed file will be posted on SourceForge shortly.

v1.3.6 and newer already have these fixes built-in.
v1.3.5 -- this patch has been added to the list of released files here:
http://sourceforge.net/project/showf...ease_id=444622

For older releases:
For v1.3.0.x the fixes are the same for each:
V1.3.0.2 http://sourceforge.net/project/showf...ease_id=426669
V1.3.0.1 http://sourceforge.net/project/showf...ease_id=412075
V1.3.0.0 http://sourceforge.net/project/showf...ease_id=405704

For v1.2.x the fixes are the same for each 1.2.x edition:
V1.2.7 http://sourceforge.net/project/showf...ease_id=392886
V1.2.6 http://sourceforge.net/project/showf...ease_id=350699

Older v1.2.x releases: http://sourceforge.net/project/showf...kage_id=125709

For versions prior to v1.2.4 -- please upgrade or apply the patches manually by merging changed files from a newer release.


================================
Today's XSS fix announcement can be implemented manually as follows:

V1.3.x
At the bottom of /admin/includes/init_includes/init_general_funcs.php
add the following code before the closing ?>
Code:
//-----------------
    // Strip HTML tags from every top-level GET parameter before the
    // admin pages use it (logical && rather than bitwise &).
    if (isset($_GET) && sizeof($_GET) > 0) {
      foreach ($_GET as $key => $value) {
        $_GET[$key] = strip_tags($value);
      }
    }
//-----------------
V1.2.x
Create a new file:
/admin/includes/functions/extra_functions/sanitize_against_xss.php
Containing the following code:
Code:
<?php
/**
 * @package admin
 * @copyright Copyright 2003-2006 Zen Cart Development Team
 * @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0
 * @version $Id: sanitize_against_xss.php 4682 2006-10-06 20:52:56Z wilt $
 */
    // Strip HTML tags from every top-level GET parameter before the
    // admin pages use it (logical && rather than bitwise &).
    if (isset($_GET) && sizeof($_GET) > 0) {
      foreach ($_GET as $key => $value) {
        $_GET[$key] = strip_tags($value);
      }
    }
?>
(Be sure not to have any blank lines after the closing ?> )
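The patch above only walks the top level of $_GET, so a nested query parameter (e.g. filter[name]=...) would be handed to strip_tags() as an array. The following is an added example, not Zen Cart's own code, that generalises the same idea to nested parameters and shows the output-encoding step that strip_tags() does not replace; the function names are hypothetical.

```php
<?php
// Added example (not part of the Zen Cart patch). Recursively applies
// strip_tags() to every string inside $_GET, including nested arrays
// such as ?filter[name]=<script>...</script>, which the flat foreach in
// the patch above would pass to strip_tags() as an array.
function zc_strip_tags_recursive($value)
{
    if (is_array($value)) {
        foreach ($value as $k => $v) {
            $value[$k] = zc_strip_tags_recursive($v);
        }
        return $value;
    }
    return strip_tags((string)$value);
}

if (!empty($_GET)) {
    $_GET = zc_strip_tags_recursive($_GET);
}

// strip_tags() removes markup from input, but it is not a substitute
// for escaping at output time: whenever a request value is echoed into
// an HTML page, still encode it for the HTML context.
function zc_html_escape($value)
{
    return htmlspecialchars((string)$value, ENT_QUOTES, 'UTF-8');
}

// Constructed sample input (not a real request) exercising both layers.
$sample = array(
    'q'      => '<b onmouseover="x()">search</b>',
    'filter' => array('name' => '<script>alert(1)</script>admin'),
);
$clean = zc_strip_tags_recursive($sample);
echo zc_html_escape($clean['q']), "\n";
echo zc_html_escape($clean['filter']['name']), "\n";
?>
```

Because strip_tags() only removes tags, a value such as a bare quote or an attribute fragment can still break out of an HTML attribute; the htmlspecialchars() step at output is what closes that gap.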