[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [WEB SECURITY] countermeasure against attacks through HTML shared files

To: "Adrian P." <adrian.pastor@xxxxxxxxxxxxxx>
Subject: Re: [WEB SECURITY] countermeasure against attacks through HTML shared files
From: fcorella@xxxxxxxxxx
Date: Fri, 07 Nov 2008 17:38:29 +0000

Hi Adrian,

>It would have been cool to mention Microsoft SharePoint as an example of
>a popular file sharing system that allows persistent XSS through shared
>HTML files. i.e.:

Thanks for pointing this out.  I didn't look at SharePoint, actually.  I did 
look at many others, and didn't find any that took any explicit precautions 
against XSS through shared files.  But I thought there was no need to mention 
any names in the paper.

Francisco

Prev by Date: [ MDVSA-2008:224-1 ] kernel
Next by Date: VMware Emulation Flaw x64 Guest Privilege Escalation (2/2)
Previous by thread: [ MDVSA-2008:224-1 ] kernel
Next by thread: Re: [WEB SECURITY] countermeasure against attacks through HTML shared files
Index(es):
- Date
- Thread