A researcher (eSecHax0r) has reported a XSS (cross site scripting) vulnerability with TPFC:
To be honest, I'm not an expert on XSS. After contacting the researcher and reading up on on the subject, I implemented a fix (incredibily, just a one-liner) which has been accepted by him/her. Many thanks to eSecHax0r for providing information on this vulnerability and engaging in responsible disclosure.
So far, the fix has lead to one reported issue. That has been dealt with.
If you spot any other issue, please let me know.
Changes, updates etc. related to this website will be posted here.
2 posts • Page 1 of 1