Re: Operation TIPS

[<iangreen () ao com au>]

In-Reply-To: <Pine.LNX.4.21.0207171036190.3241-100000 () 0 undisputed net>

Having looked over the source I only see how it validates the data
the user has supplied themselves. I don't see anywhere that names in
the database are downloaded to the client.

Maybe this would reveal itself if I tried numerous variations on the
URL the form is sent to? 

"./insert_sendemail.jsp"

ie. https://www.citizencorps.gov/citizen/jsp/insert_sendemail.jsp

I have not tried this. 

Any further information?

(Of course, this is only for my own educational purposes.)