Vulnerability Development mailing list archives
Re: cross site scripting... is your site on this list
From: Dom De Vitto <dom () DEVITTO COM>
Date: Thu, 14 Dec 2000 23:14:59 -0000
Only if the site spits out 'trusted' information, a good example would be if it has https, cookies etc. Basically CSS means you can make your pages look, and be trusted, a little like the site's own. Dom | -----Original Message----- | From: VULN-DEV List [mailto:VULN-DEV () securityfocus com]On Behalf Of Ryan | Yagatich | Sent: 14 December 2000 04:57 | To: VULN-DEV () securityfocus com | Subject: cross site scripting... is your site on this list | | | This is a known problem with places... here is a list of servers i found | that have this bug still... is your site on this list?? | | http://www.freeasp.com | http://hotbot.lycos.com | http://www.go.com | http://www.canada.com | http://www.fireball.de | http://www.funkycat.com | http://www.worldlight.com | http://www.searchit.com | http://www.theatre-link.com (sort-of) | http://www.1800ussearch.com | http://www.monstercrawler.com | http://search.wolfram.com | http://www.lycos.com | http://www.faqs.org | http://search.icq.com | http://www.looksmart.com | http://www.godado.co.uk (shows full path to script... hrm...) | http://www.lyricsearch.com | http://www.computerservicenow.com | | until i find what the *real* threat is behind this, i have not | notified any | of these people... should i? | | | ryan | | ----- | those who have no life are those who spend their time complaining about | the ones being criticised | ----- |
Current thread:
- cross site scripting... is your site on this list Ryan Yagatich (Dec 15)
- Re: cross site scripting... is your site on this list Dom De Vitto (Dec 15)
- Re: cross site scripting... is your site on this list Bluefish (P.Magnusson) (Dec 17)
- Re: cross site scripting... is your site on this list fire-eyes (Dec 18)