[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Caucho Resin 2.x - Cross Site Scripting

To: jelmer <jkuperus@planet.nl>
Subject: Re: [Full-Disclosure] Caucho Resin 2.x - Cross Site Scripting
From: Gregory Steuck <greg-fulldisclosure@nest.cx>
Date: 19 Oct 2003 22:27:23 -0700

>>>>> "jelmer" == jelmer  <jkuperus@planet.nl> writes:

    jelmer> Donny, These are in the example applications, which any sane
    jelmer> admin should disable right away, much like caucho-status
    jelmer> These are basic procedures in setting up a server.

Yes, but is it not extremely lame of the vendor to ship samples with
XSS vulnerabilities?

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- Re: [Full-Disclosure] Caucho Resin 2.x - Cross Site Scripting
  - From: jelmer <jkuperus@planet.nl>

References:
- [Full-Disclosure] Caucho Resin 2.x - Cross Site Scripting
  - From: "morning_wood" <se_cur_ity@hotmail.com>
- Re: [Full-Disclosure] Caucho Resin 2.x - Cross Site Scripting
  - From: jelmer <jkuperus@planet.nl>

Prev by Date: RE: [Full-Disclosure] AT&T early warning system
Next by Date: [Full-Disclosure] JAP Wins Court Victory
Previous by thread: Re: [Full-Disclosure] Caucho Resin 2.x - Cross Site Scripting
Next by thread: Re: [Full-Disclosure] Caucho Resin 2.x - Cross Site Scripting
Index(es):
- Date
- Thread