Reply To: catalog search xss vulnerability

#10477

Anonymous

The problem lies in: /app/code/core/Mage/CatalogSearch/Helper/Data.php

Line 143:

    // in class Mage_CatalogSearch_Helper_Data
    /**
     * Retrieve HTML escaped search query
     *
     * @return string
     */
    public function getEscapedQueryText()
    {
        return $this->htmlEscape($this->getQueryText());
    }

This will only escape <, > and ".

    It would be nice to allow only a-z, A-Z and numbers.
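An added example, not Magento's own code, showing side by side what HTML output encoding does to a search query and what the a-z/A-Z/0-9 allow-list proposed above does to it. The encoder flags, the helper names and the sample queries are this example's own assumptions, not taken from the Magento helper.

```php
<?php
// Added example, not Magento code: contrasts htmlspecialchars()-style output
// encoding with the a-z/A-Z/0-9 allow-list proposed in the post.

// This example's own encoder (assumed flags, not the Magento helper):
// < > & " and ' are turned into entities, so the value cannot break out of
// HTML text or a quoted attribute.
function escapeQuery(string $query): string
{
    return htmlspecialchars($query, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// The allow-list from the post, as a hypothetical helper. Note that it also
// drops spaces, hyphens and accented letters, so "t-shirt" or "café" no
// longer searches for what the user typed.
function allowlistQuery(string $query): string
{
    return preg_replace('/[^a-zA-Z0-9]/', '', $query);
}

// The sink the escaped value is meant for: a double-quoted attribute in the
// search form. With ENT_QUOTES an embedded quote cannot close the attribute.
function renderSearchInput(string $query): string
{
    return '<input type="text" name="q" value="' . escapeQuery($query) . '">';
}

// Constructed sample queries: one benign, one containing HTML
// metacharacters, one with characters a strict allow-list throws away.
$samples = [
    'red shoes',
    '"><b>bold</b>',
    't-shirt café',
];

foreach ($samples as $q) {
    printf("input:      %s\n", $q);
    printf("escaped:    %s\n", escapeQuery($q));
    printf("allow-list: %s\n", allowlistQuery($q));
    printf("rendered:   %s\n\n", renderSearchInput($q));
}
```

Running it shows the second sample rendered as `&quot;&gt;&lt;b&gt;bold&lt;/b&gt;` inside the attribute, while the allow-list reduces the third sample to `tshirtcaf`, which is the usability cost of filtering input instead of encoding output.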