|
Full Disclosure
mailing list archives
Re: [FDSA] Notepad Highly Critical Cross-Site Scripting (XSS) Vulnerability
From: BlackHawk <hawkgotyou () gmail com>
Date: Thu, 17 Jan 2008 21:12:03 +0100
======
4) Fix
======
Notepad should be rewritten to filter potentially dangerous
characters. Characters can be converted to their html encoded
equivalents.
translated: you CAN'T write pages in HTML with any program..
Fredrick Diggle Security Services is probably the best application
security researchers on the scene this month. They have identified
several hundred thousand vulnerabilities this week[..]
i think you must read this: http://www.amazon.com/PCs-Dummies-Quick-Reference-Gookin/dp/0764507222
--
Best regards,
BlackHawk mailto:hawkgotyou () gmail com
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
 By Date 
By Thread
Current thread:
| 
