[EMAIL PROTECTED] was CCed on this request. I couldn't see it in the savannah-hackers archive so I've posted it here.
[EMAIL PROTECTED] - Sun Oct 26 17:48:48 2003]: > Support Request #102548, was updated on Sun 10/26/03 at 17:45 > You can respond by visiting: > http://savannah.gnu.org/support/?func=detailsupport&support_id=102548&group_id=23 > > Category: None > Status: Open > Priority: 5 > Summary: xss hole in search engine > > By: lorenzohgh > Date: Sun 10/26/03 at 17:45 > Logged In: NO > Browser: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) > > http://savannah.gnu.org/search/? > > words=XSS"><script>alert(document.location);</script> > > ---------------------------------------------------------------------- > You can respond by visiting: > http://savannah.gnu.org/support/?func=detailsupport&support_id=102548&group_id=23 > > _______________________________________________ > Message sent via/by Savannah > http://savannah.gnu.org/ > > > _______________________________________________ Savannah-hackers mailing list [EMAIL PROTECTED] http://mail.gnu.org/mailman/listinfo/savannah-hackers