Full Disclosure mailing list archives
Re: BLOGGER XSS VULNERABILITY
From: Valdis.Kletnieks () vt edu
Date: Sun, 12 Aug 2007 22:18:09 -0400
On Sun, 12 Aug 2007 21:41:05 +0530, Susam Pal said:
But I am the only one who is inserting the JavaScript in my blog. So, I'll end up stealing the cookies set for my domain. Why would I steal cookies set for my domain? I already know them because it is my website.
Obviously, your blog doesn't allow any users to comment...
Attachment:
_bin
Description:
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- BLOGGER XSS VULNERABILITY Daniele Costa (Aug 12)
- Re: BLOGGER XSS VULNERABILITY Susam Pal (Aug 12)
- Re: BLOGGER XSS VULNERABILITY Valdis . Kletnieks (Aug 13)
- Re: BLOGGER XSS VULNERABILITY Susam Pal (Aug 13)
- Re: BLOGGER XSS VULNERABILITY Harry Muchow (Aug 13)
- Re: BLOGGER XSS VULNERABILITY Valdis . Kletnieks (Aug 13)
- Re: BLOGGER XSS VULNERABILITY Susam Pal (Aug 12)