Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Pentestn ASP website with tinymce

From: "Luana C. Rocha" <luanac.rocha () gmail com>
Date: Tue, 31 Aug 2010 13:30:25 -0300
 Hi,

The company whose i work for is in process evaluating a new website.
They are not concerned about security, but with how easy is to update the website content. At this moment the developer that is winning this evaluating is proposing to use tinymce as a content manager. 
I read about tinymce and I'm really concerned about our security.
Does anyone uses the tinymce? Can anyone point me a good way to pentest this site and how to enforce it's security just in case they insist to use tinymce? 

PS: please forgive-me the bad english, i'm learning yet.

LCR

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board
Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. 
http://www.iacertification.org
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: