[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Cookie stealing and XSS vulnerable in Zenphoto version 1.4.3.2

To: <full-disclosure@xxxxxxxxxxxxxxxxx>
Subject: Re: [Full-disclosure] Cookie stealing and XSS vulnerable in Zenphoto version 1.4.3.2
From: Scott Herbert <scott.a.herbert@xxxxxxxxxxxxxx>
Date: Tue, 2 Oct 2012 17:08:56 +0100

At the time I thought this was the "correct" way to report things. I've
since stopped spamming them with every little hole I find.

I couldn't find a n00b's guide to reporting, so I'm making it up as I go
along. If there is a guide online somewhere I'd 1) love to read it and 2)
think it should be better publicised.



> -----Original Message-----
> Why did you report this to UKCERT?
>


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] Cookie stealing and XSS vulnerable in Zenphoto version 1.4.3.2
  - From: Scott Herbert
- Re: [Full-disclosure] Cookie stealing and XSS vulnerable in Zenphoto version 1.4.3.2
  - From: Benji

Prev by Date: [Full-disclosure] [ MDVSA-2012:153-1 ] dhcp
Next by Date: [Full-disclosure] [ MDVSA-2012:157 ] openjpeg
Previous by thread: Re: [Full-disclosure] Cookie stealing and XSS vulnerable in Zenphoto version 1.4.3.2
Next by thread: Re: [Full-disclosure] Cookie stealing and XSS vulnerable in Zenphoto version 1.4.3.2
Index(es):
- Date
- Thread