19 Jun
2009
19 Jun
'09
3:18 p.m.
It's usually a bit more complicated that just quoting the user input. I'm actually scanning a fresh install with IBM Appscan Enterprise when you mentioned it... :)
On Fri, Jun 19, 2009 at 11:09 AM, David Cecchino < david.cecchino at datacure.com> wrote:
HP Webinspect scans of xymon show it is vulnerable to XSS , is there a way of putting quotes around the url variables/strings?
-- Stewart
An infinite number of mathematicians walk into a bar. The first one orders a beer. The second orders half a beer. The third, a quarter of a beer. The bartender says "You're all idiots", and pours two beers.