lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <1138258306.17528.252796927@webmail.messagingengine.com>
Date: Thu, 26 Jan 2006 17:51:46 +1100
From: "iNETstore Support" <support@...tstore.com>
To: cert@...t.org, Vuln@...irt.com, moderators@...db.org,
	vuln@...unia.com, bugtraq@...urityfocus.com
Cc: "iNETstore Support" <support@...tstore.com>
Subject: Re: [OSVDB Mods] iNETstore E Commerce Solution - Cross Site Scripting


Please note this problem has been fixed and changes propagated to all
iNETstore servers world wide. Please update your records.

thank you
iNETstore Support


On Fri, 20 Jan 2006 17:33:14 +1100, "iNETstore Support"
<support@...tstore.com> said:
> iNETstore E Commerce Solution - Cross Site Scripting
> 
> Vendor URL: http://www.inetstore.com/
> 
> http://vs160455.server-store.com/store/search.inetstore?searchterm="><script>alert(document.cookie)</script>&submit=submit
> 
> 
> Problem fixed. 
> 
> regards, iNETstore Support



------
This communication is confidential and may contain information that is the subject of legal privilege and/or copyright.

It should only be viewed by the intended recipient. If you have received this communication in error, please notify us immediately by e-mailing us at support@...tstore.com and then immediately destroy this communication.

Any unauthorised use of the contents of this communication is expressly prohibited. Our confidentiality, privilege or copyright is not waived or lost if you received this communication in error. You may not distribute, or carbon copy this email to any other party, other than with the express authority of the sender.



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ