Re: [Full-Disclosure] Caucho Resin 2.x - Cross Site Scripting
From: Gregory Steuck (greg-fulldisclosure_at_nest.cx)
Date: 10/20/03
- Previous message: Kain: "Re: [Full-Disclosure] Windows covert channel"
- In reply to: jelmer: "Re: [Full-Disclosure] Caucho Resin 2.x - Cross Site Scripting"
- Next in thread: jelmer: "Re: [Full-Disclosure] Caucho Resin 2.x - Cross Site Scripting"
- Reply: jelmer: "Re: [Full-Disclosure] Caucho Resin 2.x - Cross Site Scripting"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: jelmer <jkuperus@planet.nl> Date: 19 Oct 2003 22:27:23 -0700
>>>>> "jelmer" == jelmer <jkuperus@planet.nl> writes:
jelmer> Donny, These are in the example applications, which any sane
jelmer> admin should disable right away, much like caucho-status
jelmer> These are basic procedures in setting up a server.
Yes, but is it not extremely lame of the vendor to ship samples with
XSS vulnerabilities?
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- Previous message: Kain: "Re: [Full-Disclosure] Windows covert channel"
- In reply to: jelmer: "Re: [Full-Disclosure] Caucho Resin 2.x - Cross Site Scripting"
- Next in thread: jelmer: "Re: [Full-Disclosure] Caucho Resin 2.x - Cross Site Scripting"
- Reply: jelmer: "Re: [Full-Disclosure] Caucho Resin 2.x - Cross Site Scripting"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
