[Full-disclosure] StumbleUpon XSS (fixed)
Berend-Jan Wever
berendjanwever at gmail.com
Tue Aug 12 13:03:47 BST 2008
Hi all,
I found an XSS issue in StumbleUpon, which has been fixed. If you're
interested in what the problem was, look here: http://skypher.com/
What I found most interesting about this case is that there were only 40
minutes between the acknowledgement of receipt of my email about the issue
and their fix being online. In my experience that is really, really fast!
Cheers,
SkyLined
--------------------------------------------------------------------------------------------------------
Berend-Jan Wever <berendjanwever at gmail.com> http://skypher.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20080812/ee7e0578/attachment.html
Full-Disclosure is hosted and sponsored by Secunia.