Home :: Install Services :: Installation of X-Cart security patch 2015-04-28

Installation of X-Cart security patch 2015-04-28

Domain

X-Cart version

$65.00

Quantity

Ask a question about this product

Overview
Customers also bought
Customer feedback

Installation of X-Cart security patch 2015-04-28

AFFECTED VERSIONS:
All X-Cart versions from 4.0.19 through 4.7.1

SEVERITY:
High

IMPACT:
• XSS vulnerability on the order search page (4.7.0 and 4.7.1 only);
• XSS vulnerability on the registration page (versions 4.7.1 and earlier);
• XSS vulnerability for the Customer_Reviews/Advanced_Customer_Reviews modules (versions 4.7.1 and earlier);
• XSS Smarty vulnerability (versions 4.6.1 and earlier);
• XSS vulnerability for the Product_Configurator(Product Wizard) module (versions 4.6.1 and earlier);
• Posible SQL injection on the cart page (versions 4.7.1 and earlier);
• Hacker can gain full access to the store's Admin back end in some cases for Platinum/Pro editions (versions 4.6.4 and earlier);
• X-Cart Protected Mode does not work in some cases (versions 4.6.4 and earlier);