Security Vulnerabilities Reported

FIXED clintoncards.co.uk

clintoncards.co.uk

XSS vulnerability through search form.

The search query is sent as a GET parameter and escaped correctly when rendering the search form, however it is not escaped on a later hidden form allowing code to be rendered directly from a malicious URL.

Reported Fixed

Back