Re: Oblog XSS valnerability

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Subject: Re: Oblog XSS valnerability
From: dan.crowley@xxxxxxxxx
Date: Sat, 24 Jan 2009 12:57:22 -0700

Can you be more specific? I tested this vulnerability on Oblog v4.5 with the following XSS string:

<script>alert("xss")</script>

Both the angle brackets and quotes were filtered, so I don't believe that this version is vulnerable to the problem you describe.

Can you tell us what version you tested?

Prev by Date: CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities
Next by Date: WB News v2.0.X Remote File include ..
Previous by thread: Oblog XSS valnerability
Next by thread: ZDI-09-009: EMC AutoStart Backbone Engine Trusted Pointer Code Execution Vulnerability
Index(es):
- Date
- Thread

[Index of Archives] [Linux Security] [Netfilter] [PHP] [Yosemite News] [Linux Kernel]

Powered by Linux