a security issue?
Hi! I've been reading all the tutorials and I checked out that JavaScript and some HTML tags are deactivated everywhere in posting forms but the edit profile...
You can click my readings and somehow you can execute javascript janmaru or can inject code in your own profile...
I was wondering if it's possible to execute script.aculo.us functions on which this site is built or execute session hijacking with some XSS script...
Or maybe I drank too much coffee and it's time to sleep...



soprano on Jul 29, 2007
What a coincidence!
Just this past week, I found an XSS vulnerability in the site.
Steax on Jul 29, 2007
Now, if we can only find the script to add the number of stamps/tokens... use prototype's AJAX... hmmm... =P