Full Disclosure mailing list archives
Re: BLOGGER XSS VULNERABILITY
From: "Harry Muchow" <wonderfulandromeda () gmail com>
Date: Mon, 13 Aug 2007 23:19:26 +0530
Comments do not allow javascript. Safe!!! On 8/13/07, Valdis.Kletnieks () vt edu <Valdis.Kletnieks () vt edu> wrote:
On Sun, 12 Aug 2007 21:41:05 +0530, Susam Pal said:But I am the only one who is inserting the JavaScript in my blog. So, I'll end up stealing the cookies set for my domain. Why would I steal cookies set for my domain? I already know them because it is my website.Obviously, your blog doesn't allow any users to comment... _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- BLOGGER XSS VULNERABILITY Daniele Costa (Aug 12)
- Re: BLOGGER XSS VULNERABILITY Susam Pal (Aug 12)
- Re: BLOGGER XSS VULNERABILITY Valdis . Kletnieks (Aug 13)
- Re: BLOGGER XSS VULNERABILITY Susam Pal (Aug 13)
- Re: BLOGGER XSS VULNERABILITY Harry Muchow (Aug 13)
- Re: BLOGGER XSS VULNERABILITY Valdis . Kletnieks (Aug 13)
- Re: BLOGGER XSS VULNERABILITY Susam Pal (Aug 12)