#21297 XSSShield

Posted in ‘Admin Tools for Joomla! 4 & 5’
Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by nicholas on Tuesday, 28 October 2014 05:27 CDT

purplechris

Looks like since the update of Admin Tools the com_jfbconnect component we use to sign in/up and pull info from LinkedIn / Facebook is causing an XSSShield block.

We need to stop this happening somehow; could you please help?

This is the latest from the attack log; I have also attached the full log.

-------------------------------------------------------------------------------
Blocking reason: xssshield
-------------------------------------------------------------------------------
Date/time : 2014-10-23 12:38:00 GMT
URL : XXXXXXX
User : XXXXXX
IP : XXXXXXXXX
Country : GB
Continent : EU
UA : Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/XXXXXXXX Safari/537.36
Hash : post
Variables :
Array
(
[name] => XXXXXXX
[email] => XXXXXXXXX
[pri_contact] => XXXXXXXX
[mobile] => XXXXXXXX
[city] => London
[country] => United Kingdom
[zip] => XXXXXX
[cv_synopsis] => EEA Qualified pharmacist with experience in community pharmacy. I have been working for the past year at Pfizer but would like to get back into practising pharmacy as I miss the direct patient contact.
[curr_job_title] => Medical Information Associate
[notice] => 1 Month
[key_skills] => Community pharmacy, Pharmaceutical Care, Medicines Information, Medical writing
[expsectors] => Array
(
[0] => 3
[1] => 1
[2] => 2
[3] => 4
[4] => 5
[5] => 6
)

[pref_titles] => Pharmacist
[jobtype] => Array
(
[0] => 1
)

[areas] => Array
(
[0] => 133
[1] => 107
[2] => 110
[3] => 111
[4] => 112
[5] => 113
[6] => 114
[7] => 125
)

[prefsectorscb] => Array
(
[0] => 3
[1] => 1
[2] => 2
[3] => 4
[4] => 5
)

[currencycb] => Array
(
[0] => Any
)

[relocation] => 1
[addJobAlert] => Yes
[linkedin_url] => https://www.linkedin.com/profile/view?id=XXXXXXXX&trk=nav_responsive_tab_profile
[facebook_url] =>
[twitter_url] =>
[cont] => continue
[cvVal] =>
[exp_sectors] => 3,1,2,4,5,6
[languages] =>
[pref_jobtype] => 1
[pref_area] => 133,107,110,111,112,113,114,125
[pref_sector] => 3,1,2,4,5
[pref_currency] => Any
[id] =>
[option] => com_recmgr
[task] => updatecv
)

nicholas
Akeeba Staff
Manager
Create a new WAF Exception.
Component: com_recmgr
View: (leave blank)
Task: updatecv
Query params: (leave blank)

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

purplechris
Excellent

Also having the same issue now with another action.

Here is the log; it's the one at the bottom.

I did try and add something to the exceptions but it didn't work.

I am not sure why these are happening, as it's all been fine for the past year until upgrading AT to the latest. If you could help with this one I would be grateful.

nicholas
Akeeba Staff
Manager
Edit the WAF Exception I told you to create and leave the task blank.

The XSSShield was broken for the past year. It didn't do anything, that's why it never caused any problems. We fixed it and yes, it really does work now.

purplechris
Hey

Added this to the WAF exceptions as you said, but it's still triggering the shield. Here is the latest log and a screenshot of the exception setup:

http://awesomescreenshot.com/0913qcwx14



-------------------------------------------------------------------------------
Blocking reason: xssshield
-------------------------------------------------------------------------------
Date/time : 2014-10-27 09:01:56 GMT
URL : http://www.xxxxxxx/addjob
User :xxxxxxxx (xxxxx <xxxxxx>)
IP : 88.81.147.143
Country : GG
Continent : EU
UA : Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/xxxxxxxx Safari/537.36
Hash : post
Variables :
Array
(
[jobtitle] => AIS Fund Accountant
[jobref] => 4112
[jobtype] => Array
(
[0] => 1
)

[sectors] => Array
(
[0] => 13
[1] => 14
[2] => 22
)

[areas] => Array
(
[0] => 127
)

[email] =>
[salarypkg] =>
[days] => 28
[loc] =>
[tel] =>
[applink] =>
[clogo] => 0
[salaryrange] => 17
[currency] => GBP
[startdate] =>
[jobdesc] => <p>
<b>Department: </b>Fund Accounting</p>
<p>
<b>Qualifications: </b>A relevant professional accounting qualification (CAT or equivalent) with financial services experience preferably in alternative investment fund accounting.</p>
<p>
<b>Job description: </b>Are you looking to join a well-established and expanding company? This is an exciting opportunity to join a leading global organisation in financial services. The successful candidate will join the team responsible for the maintenance of books and records of alternative investment fund vehicles; investor reporting and the management of the audit process. Duties will include: bookkeeping, processing payments, maintaining pro-active communication, accounting duties, resolving client / audit queries, maintaining files, specific assignments and ad-hoc duties as and when requested.</p>
<p>
The appointee will be expected to demonstrate competence in fund accounting and therefore progress with more complex cases.</p>
<p>
If you think you are the perfect candidate please apply today! - <a _fcksavedurl="mailto:xxxxxx" href="https://www.akeeba.com/mailto:xxxxxx">info@xxxxxxxx</a></p>

[featured] => 0
[published] => 1
[linkedin] => 0
[task] => addjob
[jobId] => 96
[area] => 127
[type] => 1
[sector] => 13,14,22
)

nicholas
Akeeba Staff
Manager
Try leaving only the Component set in the WAF Exception record and leave all the other fields blank.

purplechris
Hiya

That is what I did; deleted and re-added it and it's still the same?

nicholas
Akeeba Staff
Manager
You have a menu item with an alias of "addjob". What is the component linked to this menu item? I need you to give me the Joomla! component name, e.g. com_something, not the full title (e.g. not "Something something something component").

purplechris
Hiya

Yes, it's

index.php?option=com_recmgr&view=managejob&layout=addjob

nicholas
Akeeba Staff
Manager
You will need to create one WAF Exception per view of the com_recmgr component. The "Component" will be com_recmgr in each WAF Exception record, and the "View" will be every view where you are posting information back to the component, e.g. managejob.

purplechris
Hey

So simply recmgr and blank to define all will not work?

nicholas
Akeeba Staff
Manager
Chris, hold on a moment. If you are using recmgr it will DEFINITELY not work. You have to use com_recmgr, I was very specific in my previous posts.

purplechris
Hey

This is what i am using

http://awesomescreenshot.com/0de3qll807

But it's not allowing all like I asked it to. It will take me forever to add one for every view, which is why allowing all, or leaving the view and query blank, would be great, but it doesn't seem to work.

nicholas
Akeeba Staff
Manager
I guess it's best to disable XSSShield on this site.

purplechris
That's a shame, as I have hundreds of sites with this issue.

Could i not add com_regmgr to XSS-safe request parameters as whole?

nicholas
Akeeba Staff
Manager
No, you can't. The XSSShield can only be disabled per view or query parameter, not for an entire component :(

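The two points Nicholas makes above (one WAF Exception per view, and no way to exempt a whole component from XSSShield) can be modelled in a few lines. This is an added example, not Admin Tools' own code: the menu table, the placeholder host, the exception records and the trimmed POST body are constructed from the values quoted in this ticket, and the matching rules (a record must name a view or a query parameter such as task; blank fields act as wildcards; the request's option/view come from the routed menu item, not the raw POST) are assumptions that mirror the thread's conclusion.

```python
import re
from urllib.parse import parse_qs, urlparse

# Constructed from the ticket: SEF alias "addjob" routes to this query string.
MENU = {"addjob": "index.php?option=com_recmgr&view=managejob&layout=addjob"}
URL = "http://www.example.invalid/addjob"  # placeholder host
POST = {  # constructed POST body, trimmed from the second log in the ticket
    "jobtitle": "AIS Fund Accountant",
    "jobref": "4112",
    "sectors": ["13", "14", "22"],
    "jobdesc": "<p>\n<b>Department: </b>Fund Accounting</p>",
    "task": "addjob",
}
TAG_RE = re.compile(r"<\s*/?\s*[a-zA-Z][^>]*>")  # naive "looks like HTML" test

def route(url, post):
    """Resolve SEF alias + POST into option/view/task, as a router would."""
    alias = urlparse(url).path.rstrip("/").rsplit("/", 1)[-1]
    req = {k: v[0] for k, v in parse_qs(urlparse(MENU.get(alias, "")).query).items()}
    req.update({k: v for k, v in post.items()
                if k in ("option", "view", "task") and isinstance(v, str)})
    return req

def flatten(value):
    """Yield every scalar inside a possibly nested POST value."""
    if isinstance(value, (list, dict)):
        for item in (value.values() if isinstance(value, dict) else value):
            yield from flatten(item)
    else:
        yield str(value)

def suspicious_keys(post):
    """POST keys whose value contains a tag: what a filter like XSSShield flags."""
    return [k for k, v in post.items() if any(TAG_RE.search(s) for s in flatten(v))]

def exception_matches(exc, req):
    """Assumption: a record must name a view or task; blank fields are wildcards."""
    if not exc.get("view") and not exc.get("task"):
        return False  # component alone is not accepted, as the thread concludes
    return (exc.get("component") == req.get("option")
            and (not exc.get("view") or exc["view"] == req.get("view"))
            and (not exc.get("task") or exc["task"] == req.get("task")))

def decide(url, post, exceptions):
    """'allow' if an exception matches, else 'block' on markup, else 'pass'."""
    req = route(url, post)
    if any(exception_matches(e, req) for e in exceptions):
        return "allow"
    return "block" if suspicious_keys(post) else "pass"
```

Running it shows why the first record (component + task=updatecv) and the component-only record both leave the addjob POST blocked, while component + view=managejob lets it through, and why "recmgr" without the com_ prefix never matches.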