megaphone
Update your Profile with your Support type to get your Support Type badge.
Nominate Your Peers for NetSuite Support Community's Choice of the Quarter! Submit your nomination today.
Expand your NetSuite knowledge by joining our Ask A Guru Live sessions. RSVP on this event now.
Now is the time to ask your NetSuite-savvy friends and colleagues to join the NetSuite Support Community! Refer now! Click here!
What Topic Should We Cover Next? Your idea could be our next feature—drop your suggestion now!
No Limits. Just possibilities. Join us for complimentary one-day events around the world and step into a future fueled by AI and limitless potential. Discover what's next at SuiteConnect Tour 2026.
Try Intelligent Payment Automation – Fee Free For Your First Month For more information, visit this thread.

Discussions
Stay up-to-date with the latest news from NetSuite. You’ll be in the know about how to connect with peers and take your business to new heights at our virtual, in-person, on demand events, and much more.
Now is the time to ask your NetSuite-savvy friends and colleagues to join the NetSuite Support Community! Refer now! Click here to watch and learn more!

New NS vulnerability warning from scan-alert/Hacker-safe

edited Aug 16, 2007 6:30PM in Web Site / E-Commerce 6 comments

Their message from today said...

Description
The remote web application appears to be vulnerable to cross site scripting (XSS).

The cross-site scripting attack is one of the most common, yet overlooked, security problems facing web developers today. A web site is vulnerable if it displays user-submitted content without checking for malicious script tags.

The target of cross-site scripting attacks is not the server itself, but the user files on the server, such as forms and other dynamic content. All a malicious attacker needs to do is find a page that does not properly sanitize user input, but returns the scripting code verbatim to the browser of a visitor to that website. It is important to note that websites that use SSL are just as vulnerable as websites that do not encrypt browser sessions.

Howdy, Stranger!

Log In

To view full details, sign in.

Register

Don't have an account? Click here to get started!

Leaderboard

Community Whiz

Quarter 1 (Jan-Mar 2026)

This Week's Leaders

This Month's Leaders

All Time Leaders