[approved] [bug #12930] Cross site scripting bug in m2h_text_html::filter

Earl Hood
Mon, 02 May 2005 11:09:16 -0700

Follow-up Comment #1, bug #12930 (project mhonarc):

mhtxthtml.pl has been updated in CVS to escape "vbscript" and
"ecmascript".

As for the other keywords, I'd like to have more information
on what browsers (or other software) support such scheme in
event handlers.


    _______________________________________________________

Reply to this item at:

  <http://savannah.nongnu.org/bugs/?func=detailitem&item_id=12930>

_______________________________________________
  Message sent via/by Savannah
  http://savannah.nongnu.org/

---------------------------------------------------------------------
To sign-off this list, send email to [EMAIL PROTECTED] with the
message text UNSUBSCRIBE MHONARC-DEV

Reply via email to

mhonarc-dev

[approved] [bug #12930] Cross site scripting bug in m2h_text_html::filter