Patch Anti Cross Scripting - by GuppY_Team 21/01/2004 @ 18:42
A "poisoned" message posted in your guestbook and this one is messed up and you find yourself trapped on your guestbook ?
It is the last trendy lucky find by the "lamers"
The principle is simple : one injects a script in the URL input of a new message and this script will infinitly loop when a person comes to read the guestbook .
Guaranteed effect : you will be "trapped" ignoring how to leave this page
If your Operating System is Windows NT, XP Familial or XP Pro, it is necessary for you to change your session. If your OS is Win98 or millennium, you may have to reboot your PC .
Nicolas has just reacted by providing an antidote which is available in the "Download" section. The zipped file antiscript.zip is composed with 2 files : controle.inc, that you will put in the [Inc] repertory, and postguest.php which will replace the original file, at the root of your GuppY.
Once these files set up, your guestbook will be safe from these bad jokers .
This modification will be integrated in the next version.
.
.
.