Results 1 to 2 of 2

Thread: XSS Reporting Question

  1. #1
    Senior Member
    Join Date
    Dec 2001

    XSS Reporting Question

    Ok lets say that there is a search feild on a common website addition that people put on their site. This tool does not require you to log on and it is not hosted on the persons server who decides to put this on their site so there is no account information or anything like that. Anyways that search feild is suseptable to XSS, should it be reported to bugtraq you think or is there really no point?
    Violence breeds violence
    we need a world court
    not a republican with his hands covered in oil and military hardware lecturing us on world security!

  2. #2
    Senior Member
    Join Date
    Oct 2002
    First post so here I go

    Personally I would first imform the owner of the web site of the problem, then wait either untill they have fixed the problem or 30 days. Then post it to bugtraq.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts