[thelist] Security alert: CSS vulnerability

Charles F. Johnson charles at littlegreenfootballs.com
Mon Sep 3 11:18:49 CDT 2001


Any list members who are responsible for HTML email-based web applications
should take note of this recently-discovered Cross-Site Scripting
vulnerability that uses the <link> tag to execute malicious Javascript:

<http://www.whitehatsec.com/labs/advisories/WH-Security_Advisory-08232001.ht
ml>

charles johnson
lgf web design
http://littlegreenfootballs.com





More information about the thelist mailing list