Hello, I developed my website with K2 and miniK2.
Recently I discovered how new users were created, and used the domain to spam through mail, as I receive returned unknown mails...
I installed SecurityCheck, and at the first scan I see a lot of issues, mostly XSS (possible) attacks...
they all refer to /index.php and module com_k2.
Is there a safe way to delete all these attacks?
Should I remove k2 and reinstall it?? As the web site is strongly based on k2, uninstalling this module would require to recreate all the modules based on k2 content/items??
Should just upgrade to the new version resolve the issue??
I really have few knowledge of xss attacks, and how to eliminate them...
Thank you in advance