The Support Forum is closed. Not to worry! Providing the top quality support you expect and we're known for will continue! We're not ending support, just changing where you submit requests. This will provide you with the best experience possible.
Have you purchased an addon for Connections such as one of our premium templates or extensions with a valid license and you need help?
Please open a Support Ticket in your user account.
Are you using the free Connections plugin? Don't worry, you are still very important to us! We are still providing you with the same high quality support that we're known for.
Please open a new support topic in the WordPress support forums for Connections.
GoDaddy has recently advised “Your site seal has been revoked. All open issues must be resolved to reinstate the seal.”
The issues that they are referring are described as followed:
Using the GET HTTP method, Site Scanner found that :
+ The following resources may be vulnerable to cross-site scripting (comprehensive test) :
+ The ‘cn-cat’ parameter of the /directory/ CGI :
——– output ——–
<option value=””>Show All Categories</option><option style=”paddin […]
[…] irectory/pg/4?cn-cat= <script>alert(203)</script>” title=”Last Page” cla […]
<div class=”connections-list cn-clear” id=”cn-list-body”>
Can you assist in this in any way…I’m not sure how to fix this and get my security seal back?
I just pushed and update which properly sanitizes the query variable being used for the XSS attach. I suggest updating to 0.7.9.4 asap.
Thanks Steven for the quick response, gonna do now.
You cannot reply to this support topic. Please open your own support topic.