Full Disclosure: Re: [0 Day] XSS Persistent in Blogspot of Google

Re: [0 Day] XSS Persistent in Blogspot of Google

From: Guifre <guifre.ruiz () gmail com>
Date: Mon, 28 Jan 2013 11:51:44 +0100

Hello,

Agree with Michal. It is very interesting to get to know know new
complex xss vulnerabilities.

IMAHO, the issue here is claiming to have found a vulnerability
without providing a PoC of how to use it to violate a security policy
of the targeted service, probably because there are none, and
therefore it's not a vulnerability but a feature.

Regards,
Guifre.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

By Date By Thread

Current thread:

[0 Day] XSS Persistent in Blogspot of Google ANTRAX (Jan 22)
- Re: [0 Day] XSS Persistent in Blogspot of Google Jakub Zoczek (Jan 22)
  - Re: [0 Day] XSS Persistent in Blogspot of Google ANTRAX (Jan 22)
    - Re: [0 Day] XSS Persistent in Blogspot of Google Gynvael Coldwind (Jan 25)
    - Re: [0 Day] XSS Persistent in Blogspot of Google ANTRAX (Jan 25)
    - Re: [0 Day] XSS Persistent in Blogspot of Google Elfius (Jan 27)
    - Re: [0 Day] XSS Persistent in Blogspot of Google Michal Zalewski (Jan 28)
    - Re: [0 Day] XSS Persistent in Blogspot of Google Guifre (Jan 29)
    - Re: [0 Day] XSS Persistent in Blogspot of Google antisnatchor (Jan 29)
- Re: [0 Day] XSS Persistent in Blogspot of Google WHK Yan (Jan 22)