Viewing 4 posts - 1 through 4 (of 4 total)
  • Author
  • #17425

    I recently got this message from a stranger via my contact form on my website ( Is there anything to it?

    I’m a Finnish security researcher. This site is vulnerable to reflected Cross-site Scripting attacks. Please see my web-site – latest blog entry – about the issue that affects multiple themes by Kriesi.

    I would have posted this information to Kriesi’s support forum, but I’m not their customer and therefore cannot login. I feel I must now contact some vulnerable sites, because you have the possibility to ask for corrections from the developer.

    Kind Regards,

    Janne Ahlberg


    Hi greensleeves,

    I believe Kriesi is already aware of the issues Janne presents but just in case I’m tagging Kriesi as well as the rest of the support team to this thread.






    Best regards,




    I am aware and the updates are already in the pipeline, once they are approved from themeforest you will be able to download them ;)



Viewing 4 posts - 1 through 4 (of 4 total)

The topic ‘Broadscope theme vulnerable to Cross-site scripting attacks?’ is closed to new replies.