XF 1.4 help

[remi35150]

hello,
I ask because I support a flaw xss Stored and I do not know how to simply remove. the guy but recovered logs and
Can you help me

 

[Paul B]

It's not clear what the issue is, can you rephrase?

 

[remi35150]

I have a Stored xss flaw on my forum, I made hacker but you know qu'ois login?

 

[Paul B]

If you are saying your server has been compromised, you will need to identify how they gained access and take steps to prevent it happening again.

You will then need to remove any relates files or malware.

The server logs can be inspected to see if there is any record of who accessed the server, etc.

 

[remi35150]

I have a flaw xss Stored

 

[Mike]

Without any knowledge of what the issue is specifically, where it is, etc, there isn't any way that we can really comment on what to do.

 

[remi35150]

My forum to xss Stored fault and I would simply remove the but I do not know how

 

[Dakota Storm]

There's a definite language issue here.

Maybe post in your native tongue and someone can translate?

 

[remi35150]

I am French and I do not speak much English

 

[Mike]

But you haven't explained where the XSS is. We can't give you any sort of explanation without specifics of what you're trying to report.

 

[remi35150]

I do not know where it is but recovered user cookies

 

[Mike]

What led you to believe there's a stored XSS then exactly?

If you don't know where it is, then it isn't really possible to fix. At best, you could remove everything and start again, but you may leave the same hole open next time, so that isn't very useful. (There aren't any known XSS issues in the current releases of XenForo and all of our official add-ons; as usual, I couldn't say whether there are issues in third party add-ons.)