Security Alert

This is an archive of old posting to the User Forum

Security Alert

Postby shoplite.com » Thu Mar 28, 2002 2:11 pm

This is old news but I came across the actual article regarding form
tampering - the potential ability for customers to reduce prices in the
order form, clearly without the merchants knowledge. See
http://www.iss.net/security_center/alerts/advise42.php

Since shopsite is not mentioned can we assume that this is not relevant for
us.

Richard.
www.shoplite.com
shoplite.com
 

Re: Security Alert

Postby loren_d_c » Thu Mar 28, 2002 3:47 pm

Yes, you may assume (correctly) that ShopSite does NOT have this vunerability.
This problem occurs in shopping carts that allow the price to be passed from
the HTML source (PayPal's shopping cart is one example of this). ShopSite, on
the other hand, retrieves the price information from the product database, so
it does NOT allow shoppers to change the price simply by modifying the HTML.

-Loren


"shoplite.com" wrote:

This is old news but I came across the actual article regarding form
tampering - the potential ability for customers to reduce prices in the
order form, clearly without the merchants knowledge. See
http://www.iss.net/security_center/alerts/advise42.php

Since shopsite is not mentioned can we assume that this is not relevant for
us.

Richard.
www.shoplite.com
loren_d_c
 
Posts: 2571
Joined: Fri Aug 04, 2006 12:02 pm
Location: Anywhere


Return to User Forum Archive

Who is online

Users browsing this forum: No registered users and 25 guests