[typo] XSS vulnerability?
Scott Laird
scott at sigkill.org
Sat Nov 26 11:45:04 EST 2005
Argh! It's supposed to be filtered. What happens when you run
'rake'? There are several XSS-related tests, do any tests fail?
Scott
On Nov 26, 2005, at 8:28 AM, gpshewan wrote:
> Not being a javascript expert, how much of a concern is Ticket #551
> that nikanorov just submitted?
>
>> Why when I add comment like ---comment---- <script> alert ("Typo
>> sucks"); </script> ---comment----
>>
>> it works? Are you kidding?
> And he's right ... it does.
>
> Gary
> _______________________________________________
> Typo-list mailing list
> Typo-list at rubyforge.org
> http://rubyforge.org/mailman/listinfo/typo-list