-
XSS Reporting Question
Ok lets say that there is a search feild on a common website addition that people put on their site. This tool does not require you to log on and it is not hosted on the persons server who decides to put this on their site so there is no account information or anything like that. Anyways that search feild is suseptable to XSS, should it be reported to bugtraq you think or is there really no point?
-
First post so here I go
Personally I would first imform the owner of the web site of the problem, then wait either untill they have fixed the problem or 30 days. Then post it to bugtraq.
