Vulnerability Development: Re: Re: Sourceforge.net XSS

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Vulnerability Development mailing list archives

Re: Re: Sourceforge.net XSS

From: v9 () fakehalo us
Date: 13 Apr 2006 20:02:37 -0000

I understand the possibilities of XSS, however if you have to inject it as part of the URL line to have it display the 
injection i don't see how you are going to fool people, maybe encode it? otherwise it will be quite obvious, and it 
would have to be something small after being encoded.  another thing it isn't something people will "stroll" across and 
view.  I guess it still "counts" as a vulnerability. *shrug*

By Date By Thread

Current thread:

Sourceforge.net XSS the . spikey (Apr 09)
- <Possible follow-ups>
- Re: Sourceforge.net XSS v9 (Apr 12)
  - Re: Sourceforge.net XSS Daniel (Apr 12)
- Re: Re: Sourceforge.net XSS v9 (Apr 13)
  - Re: Sourceforge.net XSS ascii (Apr 13)
- Re: Sourceforge.net XSS Juan C Calderon (Apr 17)
  - Re: Sourceforge.net XSS v9 (Apr 17)
    - Re: Sourceforge.net XSS morgan allen (Apr 18)
    - Re: Sourceforge.net XSS Valdis . Kletnieks (Apr 18)