xss problems solved?

View: New views

2 Messages — Rating Filter: Alert me

xss problems solved?

by Samuel Oey :: Rate this Message:

Reply to Author | View Threaded | Show Only this Message

hello,

just read about the xss problems in the dev-list.
http://grazia.helma.org/pipermail/antville-dev/2005-June/000705.html
unfortunately i can't find any hints wether this problem is solved or not.
if it's not solved, how serious is it and how hard is it to secure an
antville server?

thnx,
samuel
_______________________________________________
Antville-dev mailing list
Antville-dev@...
http://helma.org/mailman/listinfo/antville-dev

Re: xss problems solved?

by kinomu :: Rate this Message:

Reply to Author | View Threaded | Show Only this Message

Hello Samuel,

in case you didn't know, three days ago an exploit has been demonstrated:
http://help.twoday.net/stories/1061123/
http://nemesis.twoday.net/stories/1060585/
that gives you an impression of what might happen.
(I have no idea how difficult it will be to fix it.)

kinomu

> hello,
>
> just read about the xss problems in the dev-list.
> http://grazia.helma.org/pipermail/antville-dev/2005-June/000705.html
> unfortunately i can't find any hints wether this problem is solved or not.
> if it's not solved, how serious is it and how hard is it to secure an
> antville server?
>
> thnx,
> samuel
>

_______________________________________________
Antville-dev mailing list
Antville-dev@...
http://helma.org/mailman/listinfo/antville-dev