Re: Oblog XSS valnerability

From: dan.crowley@gmail.com
To: bugtraq@securityfocus.com
Cc:
Subject: Re: Oblog XSS valnerability
Date:


Can you be more specific? I tested this vulnerability on Oblog v4.5 with the following XSS string:

<script>alert("xss")</script>

Both the angle brackets and quotes were filtered, so I don't believe that this version is vulnerable to the problem you describe.

Can you tell us what version you tested?





Copyright © 1995-2019 LinuxRocket.net. All rights reserved.