Full Disclosure mailing list archives

Re: Google HTTP Live Headers v1.0.6 - Client Side Cross Site Scripting Web Vulnerability

From: Gynvael Coldwind <gynvael () coldwind pl>
Date: Sun, 05 Jul 2015 06:30:02 +0000

Hi,

Quick question with regards to your disclosure - why are you attributing
the ownership/authorship of HTTP Live Headers to Google? The website you
linked seems to clearly says it's developed by eSolutions Nordic AB
("offered by https://www.esolutions.se";).

Also, if you found a vulnerability in eSolutions' HTTP Live Headers, why do
you include information about "Google's Chrome Web Store" in the "Product &
Service Introduction"?

And last question - did you notify eSolutions about the bug?

Cheers,
Gynvael

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Current thread:

Google HTTP Live Headers v1.0.6 - Client Side Cross Site Scripting Web Vulnerability Vulnerability Lab (Jul 04)
- Re: Google HTTP Live Headers v1.0.6 - Client Side Cross Site Scripting Web Vulnerability Gynvael Coldwind (Jul 05)