[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Oblog XSS valnerability

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: Oblog XSS valnerability
From: dan.crowley@xxxxxxxxx
Date: Sat, 24 Jan 2009 12:57:22 -0700

Can you be more specific? I tested this vulnerability on Oblog v4.5 with the 
following XSS string:

<script>alert("xss")</script>

Both the angle brackets and quotes were filtered, so I don't believe that this 
version is vulnerable to the problem you describe.

Can you tell us what version you tested?

Prev by Date: CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities
Next by Date: [SECURITY] [DSA 1710-1] New ganglia-monitor-core packages fix remote code execution
Previous by thread: Oblog XSS valnerability
Next by thread: Problems with syscall filtering technologies on Linux
Index(es):
- Date
- Thread