]]
Sent: Sunday, April 21, 2002 12:50
To: [EMAIL PROTECTED]
Subject: Re: Cross site scripting in almost every mayor website
Been there, done that.
I have successfully created a worm and tested it
before trying to report this to McAfee, they do the
vrus scanning for hotmail. I got a you
: Sunday, April 21, 2002 3:53
Subject: Re: Cross site scripting in almost every
mayor website
To webmail developpers : there is something
interesting for you hidden in this post. The
Hotmail problem was a evil html filtering problem
in incoming e-mails. It was possible to bypass the
filter
On april 26 I posted a message about Cross-Site
scripting (see bottom) I mentioned that I had
found Cross-site scripting flaws in many major
websites but I did not publish the exact details of
these flaws. After notifying the owners of these
sites and giving them time to respond and