[Full-disclosure] Dotclear 1.* Cross Site Scripting Vulnerability
Nikolay Kichukov
hijacker at oldum.net
Tue Apr 17 14:06:58 BST 2007
It would've been nice if that was in English...
Anyways, seems to be a nice review..
-nik
----- Original Message -----
From: "Julien Dhaille" <julien at wargan.com>
To: <full-disclosure at lists.grok.org.uk>
Sent: Tuesday, April 17, 2007 12:29 PM
Subject: [Full-disclosure] Dotclear 1.* Cross Site Scripting Vulnerability
> I wrote a paper about Xss exploitation with this bug.
>
http://wargan.org/index.php/2007/04/16/9-dotclear-126-hijack-authenticated-session
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
Full-Disclosure is hosted and sponsored by Secunia.