Textpattern CMS support forum
You are not logged in. Register | Login | Help
- Topics: Active | Unanswered
Pages: 1
Topic closed
#1 2006-12-13 05:55:11
- Zarathu
- Member
- Registered: 2006-08-12
- Posts: 35
XSS Vulnerabilities - Critical
So I was going about my typical hacking routine (porn sites, etc.), and I realized that I had never attempted to hack my own site. I got started, immediately. I “found” Textpattern on my site and decided to play around with it.
Here they are:
—— REMOVED BY ADMIN ——
[EDIT]
As I’m a grey hat, I am letting you know that I have delivered this piece of information to the people who will take advantage of it and possibly use it for malicious purposes. My moral code states that I need to alert both sides. Just a heads up.
[EDIT]
It also depends on which browser you’re using.
Last edited by Mary (2006-12-13 06:17:18)
Offline
#2 2006-12-13 06:07:50
- Mary
- Sock Enthusiast
- Registered: 2004-06-27
- Posts: 6,236
Re: XSS Vulnerabilities - Critical
Please, do not report potential vulnerabilities on a public forum. Send them to:
security at textpattern dot com
If need be, we will contact you via your forum email address.
Offline
#3 2006-12-13 06:20:03
- Mary
- Sock Enthusiast
- Registered: 2004-06-27
- Posts: 6,236
Re: XSS Vulnerabilities - Critical
I have delivered this piece of information to the people who will take advantage of it and possibly use it for malicious purposes. My moral code states that I need to alert both sides.
… Do I really have to comment on that?
To everyone else: this matter is being looked into properly, as all vulnerabilities are.
Offline
Pages: 1
Topic closed