Rank: Advanced Member
Groups: Developers
Joined: 11/7/2018(UTC) Posts: 303
Thanks: 21 times Was thanked: 5 time(s) in 5 post(s)
|
I noticed this list of emails to send a back in stock notification to while I was troubleshooting a related issue. Is there any email validation on the form to for customer to request back in stock notification? Here is what I see in the admin for one site. testing@example.com, testing@example.com' AND 2*3*8=6*8 AND 'eKpW'='eKpW, testing@example.com" AND 2*3*8=6*8 AND "WKay"="WKay, testing@example.com%' AND 2*3*8=6*8 AND 'Y6nQ'!='Y6nQ%, testing@example.com'||', testing@example.com'|||', testing@example.com'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||', testing@example.com' AND 2*3*8=6*8 AND 'GuGw'='GuGw, testing@example.com" AND 2*3*8=6*8 AND "EZrN"="EZrN, testing@example.com%' AND 2*3*8=6*8 AND 'Guou'!='Guou%, testing@example.com...
|
|
|
|
Rank: Advanced Member
Groups: System, Administrators, Developers, Registered, HelpDesk Joined: 10/29/2018(UTC) Posts: 472
Thanks: 4 times Was thanked: 34 time(s) in 33 post(s)
|
Hi Judy,
This was another issue we fixed in the last release of 9.0.8. Email validation was improved and prevention of SQL injection code.
Issue ID AC9-2081 |
Thanks for your support!
Katie Secure eCommerce Software and Hosting |
|
|
|
Forum Jump
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.
Important Information:
The AbleCommerce Forums uses cookies. By continuing to browse this site, you are agreeing to our use of cookies.
More Details
Close