OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
[Full-disclosure] XSS at Netcraft.com

From: Valery Marchuk (tecklordargocom.cv.ua)
Date: Wed Aug 02 2006 - 14:51:11 CDT


Hi All!

This time XSS vulnerability at Netcraft. Hope this company will act a bit
sooner than others.

Example of vulnerability is as usually in my blog at
http://www.securitylab.ru/blog/tecklord/?category=19

All the XSS vulnerabilities, published there since Monday this week are
still not fixed. So, there are in the list of companies, who do not care
much about their own security and security of their customers:

PayPall

Netscape

Digg

Google

Netcraft

I wish all these companies luck in fixing vulnerabilities at their web
sites.

Have a nice day

Valery

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/