[jQuery] Re: Potential blind sql injection vulnerability with Superfish JS?

2009-06-22 Thread gremlin
The other possibility is that it isn't the suckerfish code, but the actual links you have in your markup that get turned into the menu. If you are handling query string params in any of those links I would start looking there. On Jun 19, 1:45 pm, Olivier Percebois-Garve perceb...@gmail.com
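An added example (not from this thread or the Superfish project) of what that advice points at: the menu is built from plain anchors, and any query-string value those anchors carry ends up in a server-side handler, which is where a blind SQL injection finding actually lives. The link list, the table and both handlers are constructed here for illustration.

```python
import sqlite3
from urllib.parse import urlparse, parse_qs

# Constructed sample: the kind of anchor list Superfish turns into a menu.
MENU_LINKS = ["/products.php?cat=1", "/products.php?cat=2", "/about.php"]


def setup_db():
    """In-memory table standing in for the site's product catalogue."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE products (id INTEGER, cat INTEGER, name TEXT)")
    conn.executemany("INSERT INTO products VALUES (?, ?, ?)",
                     [(1, 1, "Widget"), (2, 1, "Gadget"), (3, 2, "Gizmo")])
    return conn


def cat_param(url):
    """The 'cat' query-string value exactly as the browser hands it to the server."""
    return parse_qs(urlparse(url).query).get("cat", [None])[0]


def products_vulnerable(conn, cat):
    # Concatenation: the parameter becomes part of the SQL grammar, so a
    # scanner can make the WHERE clause true or false at will (blind SQLi).
    sql = "SELECT name FROM products WHERE cat = " + cat
    return [row[0] for row in conn.execute(sql)]


def products_hardened(conn, cat):
    # Validate the shape first, then bind: the value is only ever data.
    if cat is None or not cat.isdigit():
        return []
    sql = "SELECT name FROM products WHERE cat = ?"
    return [row[0] for row in conn.execute(sql, (int(cat),))]


def menu_params():
    """Every query-string value the menu's anchors can deliver to the server."""
    return [cat_param(u) for u in MENU_LINKS if cat_param(u) is not None]


if __name__ == "__main__":
    db = setup_db()
    for value in menu_params() + [cat_param("/products.php?cat=2%20OR%201=1")]:
        print(repr(value), products_vulnerable(db, value), products_hardened(db, value))
```

The JavaScript never touches the database; the difference between the two handlers is the whole finding.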

[jQuery] Re: Potential blind sql injection vulnerability with Superfish JS?

2009-06-19 Thread aquaone
How is JavaScript going to do a SQL injection? On Fri, Jun 19, 2009 at 08:16, NationPress i...@nationpress.com wrote: The client we're building a site for recently had a server-wide scan done by SecurityMetrics.com for PCI compliance. This was required by their bank's commercial credit card

[jQuery] Re: Potential blind sql injection vulnerability with Superfish JS?

2009-06-19 Thread James
I think it must've been a low level issue. I don't know the internals of Superfish, but maybe the scan couldn't find code to escape()-ing URLs for XSS attacks or something when generating the menu. Obviously Superfish cannot be the cause of SQL injections... it just sends you to other URLs. On

[jQuery] Re: Potential blind sql injection vulnerability with Superfish JS?

2009-06-19 Thread Olivier Percebois-Garve
I don't see how Superfish relates to SQL. Aren't they rather referring to the server-side code handling the navigation? NationPress wrote: The client we're building a site for recently had a server-wide scan done by SecurityMetrics.com for PCI compliance. This was required by their bank's