[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: OpenWiki<--v0.78 Cross-Site Scripting

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: OpenWiki<--v0.78 Cross-Site Scripting
From: DJeep@xxxxxxxxxxxx
Date: 12 Sep 2008 05:45:54 -0000

OpenWiki is _not_ vulnerable to Cross Site Scripting (XSS)

I'm the admin of OpenWiki.com and a close friend to Laurens Pit, the Creator of 
OpenWiki.

You cannot insert code in a wikipage or via URL parameters as they are all 
escaped before usage, so nothing can be compromised at other sites
 
The site has run for 8 years now. I can assure you that with such an open 
application where anyone may anonymously enter data, many have attempted to 
compromise it  But afaik it never has been.

Regards,
Jaap.

Prev by Date: Advisory 05/2008: Wordpress user_login Column SQL Truncation Vulnerability
Next by Date: Secunia Research: Trend Micro OfficeScan "cgiRecvFile.exe" Buffer Overflow
Previous by thread: Advisory 05/2008: Wordpress user_login Column SQL Truncation Vulnerability
Next by thread: Secunia Research: Trend Micro OfficeScan "cgiRecvFile.exe" Buffer Overflow
Index(es):
- Date
- Thread