Quote:
|
Originally Posted by DanUK
I've tried to use the 3.5.x version of prepare.php on my 3.5.4 installation and all I get is "page cannot be displayed" after a few seconds. Hopefully this won't be a security update I have to pay to have done  . Anyone else have problems? |
May I suppose you didn't follow to the recommendation to upgrade to 3.5.6 we advised in the 'Security system upgrade for X-Cart' message (Help Desk, Apr 15 2004)?
The script prepare.php that is included into this update pack considers the improvements of the security system we made for 3.5.x branch.
We can provide you with a separate prepare.php script that will suite for 3.5.4, however it will fix this CSS vulnerability but not the other more serious security issues in your store. I highly recommend you to upgrade.