|
Full Disclosure
mailing list archives
Re: Allegro.pl XSS [0-day]
From: Maksymilian Arciemowicz <max () cvemap org>
Date: Sun, 14 Apr 2013 11:54:22 +0200
XSS isn't a critical issue. CVSS2 define a standard XSS ~4.3/10, more
critical are CSRF ~6.8 or Open Redirect ~5.8. It's no sense public XSS in
ONE website on this list! Too many websites are vulnerable. If someone have
a nice XSS in software like phpmyadmin, it could be interesting.
--
Best regards,
Maksymilian Arciemowicz ( http://cifrex.org/ )
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
 By Date 
By Thread
Current thread:
- Re: Allegro.pl XSS [0-day] Georgi Guninski (Apr 13)
- <Possible follow-ups>
- Re: Allegro.pl XSS [0-day] Maksymilian Arciemowicz (Apr 14)
| 
