[typo] XSS vulnerability?

gpshewan gpsnospam at gmail.com
Sat Nov 26 11:28:29 EST 2005


Not being a javascript expert, how much of a concern is Ticket #551  
that nikanorov just submitted?

> Why when I add comment like ---comment---- <script> alert ("Typo  
> sucks"); </script> ---comment----
>
> it works? Are you kidding?
And he's right ... it does.

Gary


More information about the Typo-list mailing list