Bugtraq mailing list archives
Re: [WEB SECURITY] countermeasure against attacks through HTML shared files
From: fcorella () pomcor com
Date: Fri, 07 Nov 2008 17:38:29 +0000
Hi Adrian,
It would have been cool to mention Microsoft SharePoint as an example of a popular file sharing system that allows persistent XSS through shared HTML files. i.e.:
Thanks for pointing this out. I didn't look at SharePoint, actually. I did look at many others, and didn't find any that took any explicit precautions against XSS through shared files. But I thought there was no need to mention any names in the paper. Francisco
Current thread:
- Re: [WEB SECURITY] countermeasure against attacks through HTML shared files fcorella (Nov 07)
- <Possible follow-ups>
- Re: [WEB SECURITY] countermeasure against attacks through HTML shared files fcorella (Nov 09)
- Re: [WEB SECURITY] countermeasure against attacks through HTML shared files fcorella (Nov 11)