Home page logo
/

oss-sec logo oss-sec mailing list archives

Re: CVE Status Clarification / Request -- kadu: Stored XSS by parsing contact's status and sms messages in history
From: Mateusz Goik <mateusz.goik () aliantsoft pl>
Date: Mon, 27 Feb 2012 17:11:32 +0100

Hi,

I would add it is possible - read / create files on users hdd. (using
the method - GET / PUT)
Tested on Backtrack 5 r1 (kadu 0.10.0 - compiled from source).

Mateusz Goik


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault