Full Disclosure mailing list archives

Re: StumbleUpon XSS (fixed)

From: "Robert Holgstad" <rholgstad () gmail com>
Date: Tue, 12 Aug 2008 13:41:28 -0500

hi berend,

we don't care

cheers,
full disclosure

On Tue, Aug 12, 2008 at 7:03 AM, Berend-Jan Wever
<berendjanwever () gmail com>wrote:

Hi all,

I found an XSS issue in StumbleUpon, which has been fixed. If you're
interested in what the problem was, look here: http://skypher.com/

What I found most interesting about this case is that there were only 40
minutes between the acknowledgement of receipt of my email about the issue
and their fix being online. In my experience that is really, really fast!

Cheers,

SkyLined


--------------------------------------------------------------------------------------------------------
Berend-Jan Wever <berendjanwever () gmail com> http://skypher.com


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

StumbleUpon XSS (fixed) Berend-Jan Wever (Aug 12)
- Re: StumbleUpon XSS (fixed) Robert Holgstad (Aug 12)