Hit Enter to Search
Forum › Forum › Magento Theme › SNS Riveshop – Magento Theme › Script tag in "sidenav.php" is causing Cross Site Scripting issue
In the file “\app\design\frontend\sns_riveshop\default\template\sns\blocks\sidenav.php”, there is a script tag, which changes an icon in the template.
If someone attempts to attack the site with a php inserted script. for example,
An artifact of the sidenav.php script appears at the bottom of layered navigation.
You must be logged in to reply to this topic. Click here to login or register