Bugtraq mailing list archives

Re: Oblog XSS valnerability

From: dan.crowley () gmail com
Date: Sat, 24 Jan 2009 12:57:22 -0700

Can you be more specific? I tested this vulnerability on Oblog v4.5 with the following XSS string:

<script>alert("xss")</script>

Both the angle brackets and quotes were filtered, so I don't believe that this version is vulnerable to the problem you 
describe.

Can you tell us what version you tested?

Current thread:

Oblog XSS valnerability arash . setayeshi (Jan 23)
- <Possible follow-ups>
- Re: Oblog XSS valnerability dan . crowley (Jan 26)