Full Disclosure mailing list archives
Re: morning_wood should stop posting xss vulns insites and fix his own site.
From: "mattmurphy () kc rr com" <mattmurphy () kc rr com>
Date: Sun, 27 Jul 2003 00:07:42 -0400
my site is my site, why are you telling me to "fix" it? I knew it's 404 has xss before any of you did. Whats the big deal what my site has or hasnt... hmm? If you dont like my stuff, dont read it, my name is on every one of my posts.. every hear of filter? I dont read several advisories here based on title alone.. am i missing out? mby, mby not.. are you? XSS is a seecurity issue plain and simple, and "my site" can have or have not whatever i please, i suggest not visiting then, >hell
.. why are you even bothering to visit if you dont like.. Donnie, the point is that if you complain, don't make the same mistake. You're a hypocrite to call XSS a security issue, and then (knowingly) make the same error. It's not that hard to write a simple fix to filter your input. Basic JavaScript, Donnie, basic JavaScript. If XSS is a security issue, and the entire thesis of your so-called security list is that security issues should be dealt with, instead of hidden -- as has been your complaint before -- then you should leave that list now. Knowingly introducing vulnerabilities, and then not fixing them when several people (myself included) have noted it to you. -------------------------------------------------------------------- mail2web - Check your email from the web at http://mail2web.com/ . _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: morning_wood should stop posting xss vulns insites and fix his own site. mattmurphy () kc rr com (Jul 26)
- Re: morning_wood should stop posting xss vulns insites and fix his own site. Karl DeBisschop (Jul 27)