Full Disclosure mailing list archives

Re: Allegro.pl XSS [0-day]

From: Michal Zalewski <lcamtuf () coredump cx>
Date: Sun, 14 Apr 2013 09:58:44 -0700

CVSS2 define a standard XSS ~4.3/10, more critical are CSRF ~6.8 or Open

Redirect ~5.8

<head explodes>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Re: Allegro.pl XSS [0-day] Georgi Guninski (Apr 13)
- <Possible follow-ups>
- Re: Allegro.pl XSS [0-day] Maksymilian Arciemowicz (Apr 14)
  - Re: Allegro.pl XSS [0-day] Michal Zalewski (Apr 14)