This is old news but I came across the actual article regarding form
tampering - the potential ability for customers to reduce prices in the
order form, clearly without the merchants knowledge. See
http://www.iss.net/security_center/alerts/advise42.php
Since shopsite is not mentioned can we assume that this is not relevant for
us.
Richard.
www.shoplite.com
Security Alert
2 posts
• Page 1 of 1
Re: Security Alert
by loren_d_c » Thu Mar 28, 2002 3:47 pm
Yes, you may assume (correctly) that ShopSite does NOT have this vunerability.
This problem occurs in shopping carts that allow the price to be passed from
the HTML source (PayPal's shopping cart is one example of this). ShopSite, on
the other hand, retrieves the price information from the product database, so
it does NOT allow shoppers to change the price simply by modifying the HTML.
-Loren
"shoplite.com" wrote:
This problem occurs in shopping carts that allow the price to be passed from
the HTML source (PayPal's shopping cart is one example of this). ShopSite, on
the other hand, retrieves the price information from the product database, so
it does NOT allow shoppers to change the price simply by modifying the HTML.
-Loren
"shoplite.com" wrote:
This is old news but I came across the actual article regarding form
tampering - the potential ability for customers to reduce prices in the
order form, clearly without the merchants knowledge. See
http://www.iss.net/security_center/alerts/advise42.php
Since shopsite is not mentioned can we assume that this is not relevant for
us.
Richard.
www.shoplite.com
- loren_d_c
- Posts: 2571
- Joined: Fri Aug 04, 2006 12:02 pm
- Location: Anywhere
2 posts
• Page 1 of 1
Who is online
Users browsing this forum: No registered users and 29 guests