Full Disclosure mailing list archives
Re: Slashdot: Gmail Accounts Vulnerable to XSS Exploit
From: Jesse Ruderman <jruderma () cs hmc edu>
Date: Sat, 30 Oct 2004 23:18:20 -0700
n3td3v wrote:
I'd be surprised if the vulnerability wasn't something already mentioned on http://www.squarefree.com/securitytips/web-developers.html#XSS .Should the general public be expecting a disclosure of the vulnerability to security mailing lists once a solution has been implemented to patch the hole, so other web-based services are aware of the possibility of the same problem being an issue for them, or should gmail be keeping everything secret after they patch.
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Slashdot: Gmail Accounts Vulnerable to XSS Exploit Shoshannah Forbes (Oct 30)
- Re: Slashdot: Gmail Accounts Vulnerable to XSS Exploit n3td3v (Oct 30)
- Re: Slashdot: Gmail Accounts Vulnerable to XSS Exploit Calum Power (Oct 30)
- Re: Slashdot: Gmail Accounts Vulnerable to XSS Exploit morning_wood (Oct 30)
- Re: Slashdot: Gmail Accounts Vulnerable to XSS Exploit Calum Power (Oct 30)
- Re: Slashdot: Gmail Accounts Vulnerable to XSS Exploit morning_wood (Oct 30)
- Re: Slashdot: Gmail Accounts Vulnerable to XSS Exploit n3td3v (Oct 30)
- Re: Slashdot: Gmail Accounts Vulnerable to XSS Exploit Nancy Kramer (Oct 31)
- Re: Slashdot: Gmail Accounts Vulnerable to XSS Exploit n3td3v (Oct 31)
- Re: Slashdot: Gmail Accounts Vulnerable to XSS Exploit Jesse Ruderman (Oct 31)
- Re: Slashdot: Gmail Accounts Vulnerable to XSS Exploit morning_wood (Oct 30)