On Mon, Jun 27, 2011 at 8:04 PM, YGN Ethical Hacker Group <[email protected]>wrote:
> > The XSS results are from purely blackbox scan on Mambo 4.6.5. > > Wait, so you're telling me that you're running some program to find these and then just reporting the results to this list? If so, please give some credit to the program's author for actually finding these! Or, if you mean you're just blindly throwing XSS attacks at random variables hoping to find one that sticks... well, why hasn't a script been written for this yet? (Or if one has, what's it called?)
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
