Search found 3 matches

Page 1 of 1

Search found 3 matches

tvs

Re: High risk CSFR problem in our OpenCart 3.0.3.2 according to Tinfoil Security

Okay, thank you. So:
1) You are confirming that 3.0.3.2 still has this vulnerability?
2) Should your suggested fix be downloaded even though 3.0.3.2 is not in the compatibility list?

Jump to post
  • Sat Jan 11, 2020 9:03 am
  • Replies 4
  • Views 689

tvs

High risk CSFR problem in our OpenCart 3.0.3.2 according to Tinfoil Security

A scan showed a "high risk" cross-site forgery request vulnerability. True or false? Here's what they say: Method GET Variable form-currency Element form Matched by Regular Expression: <form action="https://store.xxxxx.com/index.php?route=common/currency/currency" method="post" enctype="multipart/fo...

Jump to post
  • Sat Jan 11, 2020 4:49 am
  • Replies 4
  • Views 689

tvs

Security concerns - do extensions open up new problems?

Just getting 3.0.3.2 working for a new online store. I realized that we have to use SMTP in the settings > mail area, because we're on a shared secure server. (Our hosting company has disabled php mail.) So I had to put our gmail password in that area. 5 days later, someone from another country atte...

Jump to post
  • Sat Jan 04, 2020 6:37 am
  • Replies 3
  • Views 351

Page 1 of 1

Search found 3 matches