[OSM-dev] XSS Vulnerabilities
Frederik Ramm
frederik at remote.org
Mon Jan 14 22:58:00 GMT 2008
Hi,
> I notice that the message sending section of the openstreetmap.org
> site is vulnerable to type 2 XSS attacks.
Had to look this up on Wikipedia. What he means is that you can send a
message to someone else that contains a "<b>" and when that message is
displayed, the "<b>" is not escaped properly but leads to a bold type.
Bye
Frederik
--
Frederik Ramm ## eMail frederik at remote.org ## N49°00.09' E008°23.33'
More information about the dev
mailing list