Magento Forum

Serious Open Redirect Vulnerability
 
developerx
Jr. Member
 
Total Posts:  25
Joined:  2007-10-24
 

OK, due to not being able to PM a Magento team member, I have had to post this here. Unfortunately this means that if you don't patch this, people can use your Magento installation to open-redirect people.

POST the variables below to /customer/account/createpost/
Body:
success_url=0
error_url=http://www.scanalert.com/
is_subscribed=1
firstname=0
lastname=0
email=0
password=0
confirmation=0

This fails PCI compliance in its current state. The version we have tested on is 1.0.19870.4.
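The fix on the server side is to stop treating success_url and error_url as trusted destinations. The check below is an added example written for this thread, not the poster's code and not Magento's own code; Python stands in for the store's PHP, and the host name shop.example and the fallback path are constructed values.

```python
from urllib.parse import urljoin, urlparse

# Constructed sample: the POST body from the report, as the server would see it.
SAMPLE_POST = {
    "success_url": "0",
    "error_url": "http://www.scanalert.com/",
    "is_subscribed": "1",
    "firstname": "0",
    "lastname": "0",
    "email": "0",
    "password": "0",
    "confirmation": "0",
}


def is_local_redirect(target: str, own_host: str) -> bool:
    """True only if target resolves to a page on own_host over http(s).

    Resolving the value against the store's own base URL means that
    absolute URLs, protocol-relative URLs (//host/) and userinfo tricks
    (http://shop.example@other/) all end up compared by real host name.
    """
    if not target:
        return False
    # Whitespace/control characters and backslashes are normalised by some
    # browsers ("/\\evil" becomes "//evil"), so refuse them outright.
    if "\\" in target or any(c.isspace() or ord(c) < 0x20 for c in target):
        return False
    resolved = urlparse(urljoin(f"https://{own_host}/", target))
    if resolved.scheme not in ("http", "https"):
        return False  # rejects javascript:, data:, etc.
    return resolved.hostname == own_host.lower()


def safe_redirect(candidate: str, own_host: str, fallback: str) -> str:
    """Return candidate if it stays on own_host, otherwise the fixed fallback."""
    return candidate if is_local_redirect(candidate, own_host) else fallback


if __name__ == "__main__":
    # The reported request: error_url points off-site and is replaced.
    print(safe_redirect(SAMPLE_POST["error_url"], "shop.example", "/customer/account/"))
```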

© Copyright 2008 Varien. Magento, eCommerce software, is a trademark of Irubin Consulting Inc. DBA Varien