Security Awareness - Zencart Stores

HollyS · #1 12-30-2006, 03:41 PM

I've been on a couple of blogs lately where I've clicked on a link or image to someone's store only to find out that that link contains something it should never...the part of the url that reads &zenid=awer09-0712w344848602345 (or some weird string). It's very innocent to be in a store and want to copy the url and give it someone so they can go visit it. BUT...here's the problem if you include that part of the url that begins with "zenid=". This is a session id and when multiple users click the link with this is in it close in time, they all could potentially share the same session and potentially the same user account. NOT GOOD.

FYI, we haven't been the victim of this...just taking precautions with all users.

beany · #2 12-30-2006, 04:57 PM

Thanks for the heads up :)

steph · #3 12-30-2006, 06:52 PM

Thanks Holly... that would be a small nasty if it did happen... thanks for the head up!

okblues · #4 01-01-2007, 02:30 PM

Thanks Holly. That isn't a good thing to happen.

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode