Hacker Poesy
  • FAQ
  • Login

  • Public

    • Public
    • Groups
    • Recent tags
    • Popular
    • Directory

Notices tagged with xss

  1. qbi (qbi)'s status on Tuesday, 12-Dec-2017 06:35:12 EST qbi qbi
    Remote profile options...
    #XSS mit einem #TLS-Zertifikat
    https://binaryfigments.com/2017/12/11/dont-trust-all-ssl-tls-certificates/
    !security 
    Tuesday, 12-Dec-2017 06:35:12 EST from quitter.se permalink
  2. MMN-o ✅⃠ (mmn)'s status on Sunday, 15-Feb-2015 08:22:04 EST MMN-o ✅⃠ MMN-o ✅⃠
    Remote profile options...
    • hiker
    I wonder if this does it. I'm not very good at #XSS examples :)
    Sunday, 15-Feb-2015 08:22:04 EST from social.umeahackerspace.se permalink
  3. MMN-o ✅⃠ (mmn)'s status on Sunday, 15-Feb-2015 08:17:33 EST MMN-o ✅⃠ MMN-o ✅⃠
    Remote profile options...
    • hiker
    Uhm. !gnusocial - the #Textile plugin has this code:
    $tmp = str_replace('"','"',$notice->rendered);

    I would not trust the #Textile plugin to be safe from #XSS attacks. I guess I could change my fullname to something like: Mikael " onclick="javascript:alert('butt');" title="pwn
    Sunday, 15-Feb-2015 08:17:33 EST from social.umeahackerspace.se permalink
  4. MMN-o ✅⃠ (mmn)'s status on Monday, 19-Jan-2015 03:19:55 EST MMN-o ✅⃠ MMN-o ✅⃠
    Remote profile options...
    • holger
    #XSS attack prevention ;)
    Monday, 19-Jan-2015 03:19:55 EST from social.umeahackerspace.se permalink
  5. MMN-o ✅⃠ (mmn)'s status on Sunday, 18-Jan-2015 11:16:22 EST MMN-o ✅⃠ MMN-o ✅⃠
    Remote profile options...
    • Hannes
    @hannes2peer Du måste köra motsvarande htmlspecialchars på data du trycker i HTML :/
    i typ hela qvitter.js där data från databasen (description, location...) visas för användare. #XSS
    Sunday, 18-Jan-2015 11:16:22 EST from social.umeahackerspace.se permalink
  6. Erkan Yılmaz (erkan)'s status on Wednesday, 29-Oct-2014 01:45:47 EDT Erkan Yılmaz Erkan Yılmaz
    Remote profile options...
    • MMN-o ✅⃠
    cc !gs (opportunity for #XSS attack also in !sn !statusnet )
    Wednesday, 29-Oct-2014 01:45:47 EDT from fediverse.com permalink
  7. MMN-o ✅⃠ (mmn)'s status on Saturday, 25-Oct-2014 09:25:08 EDT MMN-o ✅⃠ MMN-o ✅⃠
    Remote profile options...
    This is a !snbug announcement. A lame coding error left the opportunity for an #XSS attack in the #Bookmark plugin in !sn source which only very recently got fixed. I recommend updating to !gnusocial v1.1.2-alpha1 (i.e. latest git commit) if you haven't disabled the Bookmark !gnusocial I believe the severity is not very great, since only a href="" value could be writ…
    Saturday, 25-Oct-2014 09:25:08 EDT from social.umeahackerspace.se at 63°49'42"N 20°15'34"E permalink

    Attachments

    1. mmn-20141025T132609-czleze2.html
  8. Erkan Yılmaz (erkanyilmaz)'s status on Tuesday, 14-Jan-2014 09:56:43 EST Erkan Yılmaz Erkan Yılmaz
    Remote profile options...
    • mjd
    about that #XSS vulnerability: if you look at the repo from that time (see link above) you perhaps have just to patch few stuff
    Tuesday, 14-Jan-2014 09:56:43 EST from oracle.skilledtests.com permalink
  9. Erkan Yılmaz (erkanyilmaz)'s status on Tuesday, 14-Jan-2014 08:55:17 EST Erkan Yılmaz Erkan Yılmaz
    Remote profile options...
    #mediawiki #security releases (1.22.1+1.21.4+1.19.10 (LTS vers. 2015)): several #XSS, ... http://lists.wikimedia.org/pipermail/mediawiki-announce/2014-January/000138.html !wiki
    Tuesday, 14-Jan-2014 08:55:17 EST from oracle.skilledtests.com permalink
  10. Erkan Yılmaz (erkanyilmaz)'s status on Tuesday, 31-Dec-2013 06:38:10 EST Erkan Yılmaz Erkan Yılmaz
    Remote profile options...
    • tregeagle
    I see 2 crashes there from your GNUsocial, but I also see that you can sub to other SNs which have statusnet >0.9.9 running. btw: do you know that microblog.ourcoffs.org.au has a security issue: #XSS http://status.net/2011/08/02/security-alert-for-all-versions-of-statusnet ?
    Tuesday, 31-Dec-2013 06:38:10 EST from oracle.skilledtests.com permalink
  11. Erkan Yılmaz (erkanyilmaz)'s status on Wednesday, 25-Dec-2013 17:50:50 EST Erkan Yılmaz Erkan Yılmaz
    Remote profile options...
    • Markov Dosto(y)evsky
    @hauke@my-status.tk should upgrade his #statusnet 0.9.9: a #XSS (cross-site scripting) attack is possible. Besides: I can NOT subscribe to him: see log info: http://www.skilledtests.com/wiki/Pastebin#running_too_old_SN_with_security_bug
    Wednesday, 25-Dec-2013 17:50:50 EST from oracle.skilledtests.com permalink
  12. Erkan Yılmaz (erkanyilmaz)'s status on Friday, 08-Nov-2013 08:02:20 EST Erkan Yılmaz Erkan Yılmaz
    Remote profile options...
    • Markov Dosto(y)evsky
    • kuro
    more than 160 websites of German tax office have #XSS (Cross Site Scripting Probleme) problem, Hamburg, Hessen, Baden Württemberg, Brandenburg #security cc @question
    Friday, 08-Nov-2013 08:02:20 EST from oracle.skilledtests.com permalink
Start the article for #xss on WikiHashtags

Feeds

  • Activity Streams
  • RSS 1.0
  • RSS 2.0
  • Atom
  • Help
  • About
  • FAQ
  • Privacy
  • Source
  • Version
  • Contact

Hacker Poesy is a GNU social hub. It runs version 1.1.3-beta3, available under the GNU Affero General Public License.

Creative Commons Attribution 3.0 All Hacker Poesy content and data are available under the Creative Commons Attribution 3.0 license.

Switch to mobile site layout.