Re: Re: New Include Redirect Bug XSS All vBulletin v 3.x.x

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Subject: Re: Re: New Include Redirect Bug XSS All vBulletin v 3.x.x
From: scott-REMOTE-@xxxxxxxxxxxxx
Date: 22 Jun 2007 11:32:23 -0000

This isn't a directory traversal, the code is simply output on to the page as <frame src="..."> (sanitised of course), so they can only access what is available in the physical domain.

Scott MacVicar
Development Team, vBulletin

Prev by Date: [CAID 35450, 35451, 35452, 35453]: CA Products That Embed Ingres Multiple Vulnerabilities
Next by Date: eNdonesia 8.4 [multiple injection sql]
Previous by thread: Re: New Include Redirect Bug XSS All vBulletin v 3.x.x
Next by thread: Pixy - An Open-Source Vulnerability Scanner for PHP Applications
Index(es):
- Date
- Thread

[Index of Archives] [Linux Security] [Netfilter] [PHP] [Yosemite News] [Linux Kernel]

Powered by Linux