[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Is OWASP vulnerable ??

To: Scarlet Pimpernel <kishfellow@xxxxxxxxx>
Subject: Re: [Full-disclosure] Is OWASP vulnerable ??
From: jf <jf@xxxxxxxxxxxxxxxxxxxx>
Date: Sun, 11 Mar 2007 04:24:54 +0000 (UTC)

> if (wgBreakFrames) {

thats a variable, not a function; even if it were a function, i dont think
it would make any difference- im not a javascript/xss expert, but id think
youd have to inject js into the page to do anything with it, which would
make it a moot point. If you look at your js console in your browser you
will find other undefined variables.

> Remember there is alwayz someone who knows more than us out there

and you're not one of them

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] Is OWASP vulnerable ??
  - From: Scarlet Pimpernel

Prev by Date: [Full-disclosure] Is OWASP vulnerable ??
Next by Date: Re: [Full-disclosure] Is OWASP vulnerable ??
Previous by thread: [Full-disclosure] Is OWASP vulnerable ??
Next by thread: Re: [Full-disclosure] Is OWASP vulnerable ??
Index(es):
- Date
- Thread