Zen Cart announces zero-day XSS security fix

Zen Cart takes security very seriously, and in addition to responding to published security alerts as quickly as possible, we also try where we can to preempt those people that attempt to use published vulnerabilities to craft new hacks.

As such, and after a review of Admin code, and on a zero-day basis we are releasing a patch to admin code that addresses (so far unpublished) possible XSS vulnerabilities in Zen Cart.

Details of the fix and protection instructions can be found on our support forum, at http://www.zen-cart.com/forum/showthread.php?t=48241

Patches are available in the File Releases here on SourceForge

Posted by Chris Brown 2006-10-06