|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Wbb 2.3. xss
From: Adrian (adrian
planetcoding.net)
Date: Sat Mar 04 2006 - 13:32:03 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Thats not a real problem.
You need a valid acp session id which is impossible to get unless you
compromise the system of an administrator (it's not stored in a
cookie).
Additionally it's in the admin cp, so it's not exploitable by bad
people unless you give them acp access.
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]