  #3  
11-14-2013, 06:31 AM
 
carpeperdiem
 

X-Guru
  
Join Date: Jul 2006
Location: New York City, USA
Posts: 5,399
 

Re: security-patch-2013-10-08

Quote:
I have checked your HelpDesk profile and noticed that "Security updates and alerts:" checkbox in "Newsletter" section is not selected.

Obviously, not something I would do. And if I were X-Cart, I wouldn't offer unsubscribing from security and alert emails as an option. Security alerts must be sent, even if the user doesn't want to receive them. PS -- I never unsubscribed from any xcart emails. If you are an x-cart customer and reading this, I suggest you check your communications prefs in your account profile in case you were switched off too.

Quote:
Some users have even discussed the patch on our forum (http://forum.x-cart.com/showthread.php?t=68019, http://forum.x-cart.com/showthread.php?t=67911).

But the title of the thread is "SQL error notification injection attack?" - unless you expect everyone to read every post (impossible for non-X-Cart staff, right?) -- and there was no post in the News and Announcements sub-forum (where it should have been posted at the same time as the email).

Quote:
Another way I used to inform the customers is a 'news' in HelpDesk. It was shown on October,ctober 21st. Probably you haven't visited HelpDesk during that period, or haven't paid attention to the announcement.

I only visit the helpdesk home page, well, never -- I have deep links to the file area and communications center.

THE ONLY WAY to reach everyone is mandatory email for these types of alerts (and a post in the news section of the forum here).

I appreciate your response here -- and I look forward to discussing the technical aspects of this patch with engineering. Thanks!
Jeremy
__________________
xcart 4.5.4 gold+ w/x-payments 1.0.6; xcart gold 4.4.4