[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20080512193100.12136.qmail@securityfocus.com>
Date: 12 May 2008 19:31:00 -0000
From: cxib@...urityreason.com
To: bugtraq@...urityfocus.com
Subject: Re: Re: Re: Apache Server HTML Injection and UTF-7 XSS Vulnerability
It is not apache issue. You recrive 403 status, so charset is set in Header. Charset should not be in meta tags. Issue exist, when apache send response without charset in header AND meta tags. Probably you are using old browser without standard settings.
Best Regards,
Maksymilian Arciemowicz
securityreason.com
Powered by blists - more mailing lists