Full Disclosure mailing list archives
Re: Dotclear 1.* Cross Site Scripting Vulnerability
From: "Nikolay Kichukov" <hijacker () oldum net>
Date: Tue, 17 Apr 2007 16:06:58 +0300
It would've been nice if that was in English... Anyways, seems to be a nice review.. -nik ----- Original Message ----- From: "Julien Dhaille" <julien () wargan com> To: <full-disclosure () lists grok org uk> Sent: Tuesday, April 17, 2007 12:29 PM Subject: [Full-disclosure] Dotclear 1.* Cross Site Scripting Vulnerability
I wrote a paper about Xss exploitation with this bug.
http://wargan.org/index.php/2007/04/16/9-dotclear-126-hijack-authenticated-session
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Dotclear 1.* Cross Site Scripting Vulnerability nssimo nssimo (Apr 12)
- <Possible follow-ups>
- Dotclear 1.* Cross Site Scripting Vulnerability Julien Dhaille (Apr 17)
- Re: Dotclear 1.* Cross Site Scripting Vulnerability Nikolay Kichukov (Apr 17)
- Re: Dotclear 1.* Cross Site Scripting Vulnerability Julien Dhaille (Apr 17)
- Re: Dotclear 1.* Cross Site Scripting Vulnerability Nikolay Kichukov (Apr 17)