I know nothing about PDL's web pages. The most recent work I know of on
them was back in 2013, when Joel Berger was trying to port things over to
GitHub. At the time, Joel had produced an interesting XSS testing example
using the documentation from a particular Acme module:

http://pdlporters.github.com/?docs=Acme::XSS

To the best of my knowledge, that's not what we use for serving pdl.perl.org.

That's the extent of my knowledge of the problem, which I guess is to say,
nil. :-/

David

On Wed, Jul 27, 2016 at 10:10 AM, <sisyph...@optusnet.com.au> wrote:

>
> From: Mishra Dhiraj
> Sent: Wednesday, July 27, 2016 11:38 PM
> To: sisyph...@optusnet.com.au
> Cc: pdl-devel
> Subject: Re: [perl #128620] http://pdl.perl.org Vulnerable to XSS
>
> > I still don't understand. Can you please let me know where I should
> > report the issue?
>
> Reporting it to https://sourceforge.net/p/pdl/bugs/426/ was the correct
> thing to do.
>
> But posting about it on the p5p mailing list was the wrong place.
> Instead you should have posted to pdl-devel@lists.sourceforge .
> (You can subscribe to that list at
> https://lists.sourceforge.net/lists/listinfo/pdl-devel - however, I think
> you can post to that list without subscribing.)
>
> > the bug isn't public because it's a security issue.
>
> I think it's visible to anyone who has an account with (and who logs in to)
> sourceforge.
>
> Having submitted your bug report, it's likely that it went unnoticed.
> Now that the issue has also been raised on the pdl-devel list (and it has),
> we can be confident that it has been noticed.
> Hopefully someone will now act upon it.
>
> Thank you for persevering.
>
> Cheers,
> Rob
> _______________________________________________
> pdl-devel mailing list
> pdl-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/pdl-devel
>



-- 
 "Debugging is twice as hard as writing the code in the first place.
  Therefore, if you write the code as cleverly as possible, you are,
  by definition, not smart enough to debug it." -- Brian Kernighan