[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20080912054554.17138.qmail@securityfocus.com>
Date: 12 Sep 2008 05:45:54 -0000
From: DJeep@...nWiki.com
To: bugtraq@...urityfocus.com
Subject: Re: OpenWiki<--v0.78 Cross-Site Scripting
OpenWiki is _not_ vulnerable to Cross Site Scripting (XSS)
I'm the admin of OpenWiki.com and a close friend to Laurens Pit, the Creator of OpenWiki.
You cannot insert code in a wikipage or via URL parameters as they are all escaped before usage, so nothing can be compromised at other sites
The site has run for 8 years now. I can assure you that with such an open application where anyone may anonymously enter data, many have attempted to compromise it But afaik it never has been.
Regards,
Jaap.
Powered by blists - more mailing lists