Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
Re: [Full-Disclosure] Slashdot: Gmail Accounts Vulnerable to XSS Exploit
From: Jesse Ruderman (jrudermacs.hmc.edu)
Date: Sun Oct 31 2004 - 01:18:20 CDT
>Should the general public be expecting a disclosure of the
>vulnerability to security mailing lists once a solution has been
>implemented to patch the hole, so other web-based services are aware
>of the possibility of the same problem being an issue for them, or
>should gmail be keeping everything secret after they patch.
I'd be surprised if the vulnerability wasn't something already mentioned
on http://www.squarefree.com/securitytips/web-developers.html#XSS .
Full-Disclosure - We believe in it.