Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: Re: wordpress Lanoba Social Plugin Xss Vulnerabilities
From: Alex Davis <alex () lanoba com>
Date: Tue, 29 Nov 2011 10:04:46 -0500

Thank you Am!r for your comments and thank you Henri Salo for
reporting this to us,

While Wordpress does have a cross site scripting problem (XSS) where
not all user input is sanitized, if any of that unsanitized user input
is redirected to the screen or browser, an attacker would be able to
execute malicious scripts. However, Lanoba's plug in does sanitize
user input, and because that input is never sent to the browser, an
attacker has no way of executing script or code on a user's behalf.

Thank you again for your input, we hope you found this information to
be helpful.

Lanoba Support
support -at- lanoba.com


  By Date           By Thread  

Current thread:
  • Re: Re: wordpress Lanoba Social Plugin Xss Vulnerabilities Alex Davis (Nov 29)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]