Thread: CSRF
View Single Post
  #1  
Old January 21st, 2015, 05:43 AM
stevenlalwani stevenlalwani is offline
 
Join Date: Nov 2014
Posts: 58
Default CSRF

Health.humongousmall.com

I have Sitelock on Humongousmall.com.

I received the following vulnerability warning on one of the sub domains:

URL:http://health.humongousmall.com/store/search/?=Find it!&price=1&tags=1&word=1
Cross site scripting vulnerability found in args:,price,tags,word

URL:http://health.humongousmall.com/store/search/?=Find it!&brand=1&price=1&tags=1&word=1
Cross site scripting vulnerability found in args:,brand,price,tags,word

URL:http://health.humongousmall.com/stor...&tags=1&word=1
Cross site scripting vulnerability found in args:,brand,price,tags,word

URL:http://health.humongousmall.com/stor...&tags=1&word=1
Cross site scripting vulnerability found in args:,brand,price,tags,word

URL:http://health.humongousmall.com/stor...&tags=1&word=1
Cross site scripting vulnerability found in args:,brand,price,tags,word

URL:http://health.humongousmall.com/stor...&tags=1&word=1
Cross site scripting vulnerability found in args:,brand,price,tags,word

URL:http://health.humongousmall.com/stor...&tags=1&word=1
Cross site scripting vulnerability found in args:brand,price,tags,word

URL:http://health.humongousmall.com/stor...&tags=1&word=1
Cross site scripting vulnerability found in args:brand,price,tags,word

URL:http://health.humongousmall.com/stor...&tags=1&word=1
Cross site scripting vulnerability found in args:brand,price,tags,word

URL:http://health.humongousmall.com/stor...&tags=1&word=1
Cross site scripting vulnerability found in args:brand,price,tags,word

URL:http://health.humongousmall.com/stor...&tags=1&word=1
Cross site scripting vulnerability found in argsrice,tags,word

URL:http://health.humongousmall.com/stor...&tags=1&word=1
Cross site scripting vulnerability found in argsrice,tags,word

URL:http://health.humongousmall.com/stor...&tags=1&word=1
Cross site scripting vulnerability found in argsrice,tags,word

URL:http://health.humongousmall.com/stor...&tags=1&word=1
Cross site scripting vulnerability found in argsrice,tags,word


How do fix this?