On Tue, 13 Nov 2007, T-Ping T-Ping wrote: > I saw that someone named Fugitif had found an XSS vulnerability on > bugs.debian.org that is still unpatched. > Here is an example XSS for this bug: > http://bugs.debian.org/cgi-bin/pkgreport.cgi?pkg=";><script>alert("XSS")</script>
Ah; one of them slipped through. I'll deal with this shortly. Don Armstrong -- If a nation values anything more than freedom, it will lose its freedom; and the irony of it is that if it is comfort or money it values more, it will lose that, too. -- W. Somerset Maugham http://www.donarmstrong.com http://rzlab.ucr.edu -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
