Security Fix to XSS issue to News / Blog Listing pages
1a. Open shopnewslistings.asp
1b. Below
Dim template
Add
dim archive, passmonth, passquery
archive = cleanchars(request("archive"))
passmonth = cleanchars(request("month"))
passquery = cleanchars(request.ServerVariables("QUERY_STRING"))
1c. Find and Replace all request("archive") to archive
1d. Find and replace all request("month") to passmonth
1e. Find and replace all request.ServerVariables("QUERY_STRING") to passquery
2a. Open shopblogslistings.asp
2b. Below
Dim template
Add
dim archive, passmonth, passquery
archive = cleanchars(request("archive"))
passmonth = cleanchars(request("month"))
passquery = cleanchars(request.ServerVariables("QUERY_STRING"))
2c. Find and Replace all request("archive") to archive
2d. Find and replace all request("month") to passmonth
2e. Find and replace all request.ServerVariables("QUERY_STRING") to passquery
Times Viewed:
2004
Added By:
Bobby
Date Created:
3/21/2011
Last Updated:
3/24/2011