[Full-disclosure] StumbleUpon XSS (fixed)
- From: "Berend-Jan Wever" <berendjanwever@xxxxxxxxx>
- Date: Tue, 12 Aug 2008 14:03:47 +0200
Hi all,
I found an XSS issue in StumbleUpon, which has been fixed. If you're
interested in what the problem was, look here: http://skypher.com/
What I found most interesting about this case is that there were only 40
minutes between the acknowledgement of receipt of my email about the issue
and their fix being online. In my experience that is really, really fast!
Cheers,
SkyLined
--------------------------------------------------------------------------------------------------------
Berend-Jan Wever <berendjanwever@xxxxxxxxx> http://skypher.com
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- Follow-Ups:
- Re: [Full-disclosure] StumbleUpon XSS (fixed)
- From: Robert Holgstad
- Re: [Full-disclosure] StumbleUpon XSS (fixed)
- Prev by Date: Re: [Full-disclosure] Surf Jack - HTTPS will not save you
- Next by Date: [Full-disclosure] Secret Plan To Kill Internet By 2012 Leaked?
- Previous by thread: [Full-disclosure] Layered Defense Research Advisory: Alcatel-Lucent OmniSwitch products, Stack Buffer Overflow
- Next by thread: Re: [Full-disclosure] StumbleUpon XSS (fixed)
- Index(es):
Relevant Pages
|
