Email Question:
Hi there, I am struggling with something. I run BPS on my website, but found that someone got through. See below:
Cross Site Scripting
URL: http://new.example.com/portfolios/media/?cpt_item=liberty-professionals
Affected Parameter: yit_contact[email]
Vector Used: ">
Pattern found: ">
Complete Attack:
http://new.example.com/portfolios/media?cpt_item=liberty-professionals [yit_contact[name]= &yit_contact[email]="> &yit_contact[message]= &yit_bot= &yit_action=sendemail &yit_referer=http://new.example.com/portfolios/media/?cpt_item=liberty-professionals &id_form=228 &yit_sendemail=Say Hello]
I would like to have the htaccess filter out < > characters and stop cross browser. Is this something PRO would be better at? Thanks.