Hi, I have got issue with jquery that finished with pci scan failed
I have sent email to cscart guys but no answer at all
I have found something about it as below but have no idea where to paste it
I tried something by method attempt and mistake but nothing helped at all to be honest :-)
Could you help me with that issue please?
Thank you Marian
Hello Marian
I think in this place
js/lib/jquery/jquery.min.js
But before that you need to download the normal jquery file not .min.js and append this code to the end of the file.
I hope I helped.
Best regards
Robert
Many thank you for the clue mate, I have found as below
https://forum.cs-cart.com/topic/52397-jquery-xss-vulnerabilities/
Relatively simple fix for this if you are comfortable modifying a core file;
The snippet https://github.com/j...mment-403761229here can be added to the template file design/themes/responsive/templates/common/scripts.tpl just after the inclusion of jquery.
This allowed me to file a dispute with my ASV against the scan result, showing that I had patched the vulnerability.
I will try forward to my guru :-)
Thank you
I have got fixed this issue by our website guru but after I disputed it trustwave denied it :-( so any idea or we will need separate with cscart ? :-) Ridiculous is they do not have a f paypal iframe :-( and the best everyone silent from cscart stuff
Ok I am not going to cry but going to find what to do as next step
Regards
Who is your scanner vendor?
Hi, Truswave
Regards
Trustwave