In message <[EMAIL PROTECTED]>
Callum Noble <[EMAIL PROTECTED]> wrote:
> I notice that the message sending section of the openstreetmap.org site
> is vulnerable to type 2 XSS attacks.
Well thank you for announcing that on a public mailing list. Do you
not think an email to webmaster might have been more sensible?
> I mentioned this on IRC and someone said that there were other places on
> the site that this issue could be found.
I can see I'm going to have to have words with whichever genius
recommended that...
Unfortunately now that this has been publically revealed I am going to
have to make an emergency fix that loses (temporarily at least) some
functionality.
Tom
--
Tom Hughes ([EMAIL PROTECTED])
http://www.compton.nu/
_______________________________________________
dev mailing list
dev@openstreetmap.org
http://lists.openstreetmap.org/cgi-bin/mailman/listinfo/dev
