Magento Forum

   
Scan Returns Advanced Search Result and Customer Address Form Post Vulnerabilities
 
janellez
Jr. Member
 
Total Posts:  15
Joined:  2010-03-08
 

On a Community 1.7.0.2 install, a security scan came back with the result that these two pages/processes are vulnerable to blind SQL injection -

/catalogsearch/advanced/result
/customer/address/formPost/

I have a hard time believing that no one else has had this or that if it’s a true issue, there isn’t a patch.  Or is there, and I haven’t seen it?

Thanks for any help or insight.

 
Magento Community Magento Community
Magento Community
Magento Community
Magento Community
Magento Community
    Back to top