Referer XSS in ExpressionEngine

Solution for Referer XSS in ExpressionEngine.

Description: Available
Exploit: Available

Here is information provided by vendor:

The $_SERVER['HTTP_REFERER'] variable is actually sanitized before being inserted into the database (and thus before being output). This is done not in the core.input.php file, but in the core.functions.php file where the processing is done. When sanitization is done in ExpressionEngine, XSS code is converted into HTML entities, making it impotent when displayed but still allowing an administrator to safely view the code. However, before it is inserted into the database, ExpressionEngine also runs a referrer spam prevention script on the referrer that, unfortunately, converts the HTML entities back into characters. Thus, the XSS protection was basically removed by the spam prevention script.

Here is the location of the fixed file core.functions.php that users will have to upload to their ExpressionEngine site's system/core/ directory:

http://www.pmachine.com/downloads/security_fix_20060122.zip
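The failure mode the vendor describes is an ordering problem between two filters: the XSS sanitizer entity-encodes the referrer, then the spam filter decodes it again and passes the decoded string on to storage. The script below is an added illustration written for this page, not ExpressionEngine's own core.functions.php; the function names (ee_sanitize_referrer, spam_filter_flawed, spam_filter_fixed, store_referrer), the blocklist and the sample referrers are all constructed for the demonstration. It shows the flawed pipeline beside a corrected one that still matches spam terms against a decoded copy but returns the encoded value for storage.

```php
<?php
// Added example: models the vendor's description of the bug. Hypothetical
// function names and data; this is not ExpressionEngine code.

// Step 1: XSS sanitization as described by the vendor: convert the referrer
// to HTML entities so it is inert when displayed to an administrator.
function ee_sanitize_referrer(string $referrer): string
{
    return htmlspecialchars($referrer, ENT_QUOTES, 'UTF-8');
}

// Step 2 (flawed): a referrer-spam check that decodes entities so that
// encoded spam terms cannot slip past the blocklist, but then returns the
// DECODED string. That undoes step 1 before the value reaches the database.
function spam_filter_flawed(string $referrer, array $blocklist): ?string
{
    $decoded = html_entity_decode($referrer, ENT_QUOTES, 'UTF-8');
    foreach ($blocklist as $term) {
        if (stripos($decoded, $term) !== false) {
            return null; // spam referrer: drop it
        }
    }
    return $decoded; // BUG: entities have been converted back to characters
}

// Step 2 (fixed): match against the decoded copy, but hand back the
// original entity-encoded value so the XSS protection survives.
function spam_filter_fixed(string $referrer, array $blocklist): ?string
{
    $decoded = html_entity_decode($referrer, ENT_QUOTES, 'UTF-8');
    foreach ($blocklist as $term) {
        if (stripos($decoded, $term) !== false) {
            return null;
        }
    }
    return $referrer;
}

// The processing pipeline: sanitize, then spam-check, then (here) return the
// value that would be written to the referrer table. In a real request the
// input would come from $_SERVER['HTTP_REFERER'].
function store_referrer(string $raw, callable $spamFilter, array $blocklist): ?string
{
    $sanitized = ee_sanitize_referrer($raw);
    return $spamFilter($sanitized, $blocklist);
}

// Constructed sample data for the demonstration.
$blocklist = ['casino', 'pharmacy'];
$xssReferrer  = 'http://attacker.example/<script>alert(document.cookie)</script>';
$spamReferrer = 'http://cheap-casino.example/';

echo "Flawed pipeline stores : ", var_export(store_referrer($xssReferrer, 'spam_filter_flawed', $blocklist), true), PHP_EOL;
echo "Fixed pipeline stores  : ", var_export(store_referrer($xssReferrer, 'spam_filter_fixed', $blocklist), true), PHP_EOL;
echo "Spam referrer (fixed)  : ", var_export(store_referrer($spamReferrer, 'spam_filter_fixed', $blocklist), true), PHP_EOL;

// A quick check a practitioner can reuse: does the stored value still contain
// a raw '<'? If it does, the sanitizer's work has been undone somewhere.
function referrer_is_inert(?string $stored): bool
{
    return $stored === null || strpos($stored, '<') === false;
}

echo "Flawed result inert?   : ", var_export(referrer_is_inert(store_referrer($xssReferrer, 'spam_filter_flawed', $blocklist)), true), PHP_EOL;
echo "Fixed result inert?    : ", var_export(referrer_is_inert(store_referrer($xssReferrer, 'spam_filter_fixed', $blocklist)), true), PHP_EOL;
```

The general lesson is that any filter which runs after the output-encoding step must treat the encoded value as opaque: decode into a scratch copy for matching if you must, but never let the decoded copy replace what is stored or rendered. The same check (look for a raw `<` or `"` in what actually lands in the database) is a cheap way to confirm that an applied fix such as the one linked above restored the encoding.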
