[pLog-svn] Fwd: XSS in referrer
Jon Daley
plogworld at jon.limedaley.com
Thu Jan 13 17:36:39 EST 2011
Ah - the guy actually did post a bug report to bugs.lifetype.net. I
parsed the date in his post incorrectly - I thought he had posted this
November 1, 2010, rather than January 1, 2011.
On Thu, 13 Jan 2011, Jon Daley wrote:
> I'm not sure what they mean when they say "the vendor was notified".
> I suppose that means that we were notified when they published it on this web
> page? Not exactly what anyone should consider "notified".
>
>
> LifeType 1.2.10 HTTP Referer stored XSS
> Exploit Title: lifetype 1.2.10 http referer XSS # Date: 11-1-2010 # Author:
> Saif El-Sherei # Software Link: http://lifetype.net/page/downloads #
> Version: ...
> <http://www.exploit-db.com/exploits/15981/>
> _______________________________________________
> pLog-svn mailing list
> pLog-svn at devel.lifetype.net
> http://limedaley.com/mailman/listinfo/plog-svn
>
--
Jon Daley
http://jon.limedaley.com
~~
If at first you don't succeed, you're doing about average.
-- Leonard Levinson
More information about the pLog-svn
mailing list