Separating just XSS vulns from others is not an option. It would make more
sense to create a separate mailing list for vulnerabilities in Web
applications.
Major ones could still be reported on the other lists.
If kiddies discover them, then how should they know that the vulnerability
they`ve found is not a major one? They`ve desided to publish a vuln to the
list, because it seems to be important to them :)
----- Original Message -----
From: "Aaron Gray" <[EMAIL PROTECTED]>
To: <full-disclosure@lists.grok.org.uk>
Cc: <bugtraq@securityfocus.com>
Sent: Sunday, July 23, 2006 9:04 PM
Subject: Re: [Full-disclosure] To XSS or not?
Major ones could still be reported on the other lists.
Aaron
something like xsstraq powered on securityfocus should be cleaner yep :)
Maybe there should be a special XSS list that could specialize in that
area ?
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
