Exactly. Like there might be a feature disabled for preventing code injection on the site as a whole, and not all code injection displays something like that. In fact, I'd wager an attack via code injection would go unnoticed by the user all together.
On Tue, Aug 20, 2019 at 12:08 PM Norton, Mike <mikenor...@pwsd76.ab.ca> wrote: > Used to be that reading documentation articles about “null” – e.g. null > routes, Null 0 interface, etc. – would give some rather, uh, “interesting” > results in the related community discussions box off to the side of the > article. Agreed it is rather concerning. Basically every language has > standard functions for properly sanitizing/escaping text so there is no > excuse other than sloppiness... which makes one wonder what else they are > sloppy with. > > -mn > > *From:* cisco-voip <cisco-voip-boun...@puck.nether.net> *On Behalf Of *Anthony > Holloway > *Sent:* August 20, 2019 8:35 AM > *To:* Cisco VoIP Group <cisco-voip@puck.nether.net> > *Subject:* [cisco-voip] Bug Search Code Injection > > > > Looks like I stumbled across some code injection on the following defect > page: > > > > https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvq27976 > > > > It's innocent enough, but concerning that it's even possible. > > > > [image: image.png] > _______________________________________________ > cisco-voip mailing list > cisco-voip@puck.nether.net > https://puck.nether.net/mailman/listinfo/cisco-voip >
_______________________________________________ cisco-voip mailing list cisco-voip@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-voip