Search

About me

Johannes (Hanno) Böck
mail: hanno@hboeck.de
jabber: hanno@hboeck.de
gpg: BBB51E42
ssh: RSA, ECDSA


Hanno on Twitter
Hanno on identi.ca

Impressum

schokokeks.org



Atheist

Twitter/identi.ca

hanno: geh jetzt los zum #linuxtag

hanno: @_tillwe_ in schwierigen fällen und falls wichtig: altes windows + altes office organisieren und in virtueller maschine installieren

hanno: @_tillwe_ erstmal alternativsoftware probieren - libre/openoffice, gnumeric, calligra - irgendeins wird vermutlich einen importfilter haben

hanno: RT @moglimoglimogli: Was für eine Gesellschaft ist das, in der ein Vorhängeschloss !!! (an einer Brücke) ein Symbol für #Liebe ist ? #sperr…

hanno: Falls ihr noch an Clicktivism glaubt könntet ihr hier die Petition für Netzneutralität unterstützen http://t.co/NfcNlcFKz4

Anzeigen

Events

22.05 - 25.05 - Linuxtag
30.05 - 02.06 - GPN13 (8 Days)
04.07 - 07.07 - PQCrypto (43 Days)
05.07 - 07.07 - SIGINT (44 Days)
31.07 - 04.08 - OHM13 (70 Days)
01.10 - 02.10 - Open Access Tage (132 Days)
My pages
Picture gallery

Archives

Categories



All categories

Feeds

Tags

Creative Commons

CC0
Unless noted otherwise, all content is CC Zero / public domain

Entries tagged as helma

Related tags

XSS on helma/gobi

Thursday, July 12. 2007, 00:44
I still have some unresolved xss vulnerabilities around. It seems to be common practice by many web application developers and web designers to ignore such information.

This time we have gobi, a cms system based on the quite popular javascript application server helma.

http://int21.de/cve/CVE-2007-3693-gobi.txt

More to come. As this xss stuff is far too easy (try some common strings in web forms, inform the author, publish some weeks later), I think about doing some kind of automated mechanism to search and report those vulnerabilities.
English, Security, Webdesign | Comments (0) | Trackbacks (0)
Defined tags for this entry: , , , , , ,
Related entries by tags:
(Page 1 of 1, totaling 1 entries)