|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [Full-Disclosure] Slashdot: Gmail Accounts Vulnerable to XSS Exploit
From: Jesse Ruderman (jruderma
cs.hmc.edu)
Date: Sun Oct 31 2004 - 01:18:20 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
n3td3v wrote:
>Should the general public be expecting a disclosure of the
>vulnerability to security mailing lists once a solution has been
>implemented to patch the hole, so other web-based services are aware
>of the possibility of the same problem being an issue for them, or
>should gmail be keeping everything secret after they patch.
>
I'd be surprised if the vulnerability wasn't something already mentioned
on http://www.squarefree.com/securitytips/web-developers.html#XSS .
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]