| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <43D127DD.3040100@free.fr> Date: Fri Jan 20 18:25:36 2006 From: jerome.athias at free.fr (Jerome Athias) Subject: MBT Xss vulnerability Hey guy, do you know something about XSS 1) Phishing? 2) encoded URL, UTF8...? 3) cookie steal? ... it'll not be difficult to reproduce a website and have an url difficult to understand for a basic user... sure it's harder to spoof the url in the browser... // Native.Code a ?crit : > What a lame vulnerability it is. If your POC redirects to another site > (which is not MBT site), how someone will become victim and believe that > he/she is doing business with MBT? > > Your post is yet another proof that FD is more and more inhibited by scipt > kiddies. Get a life! > --------------------------------------------------------------------------------------------------------- About FD: "Speech is silver, but silence is gold" /JA /https://www.securinfos.info/
Powered by blists - more mailing lists