I saw that someone named Fugitif had found an XSS vulnerability on bugs.debian.org that is still unpatched. Here is an example XSS for this bug: http://bugs.debian.org/cgi-bin/pkgreport.cgi?pkg=";><script>alert("XSS")</script>
-- _______________________________________________ Get your free email from http://bsdmail.com
