[Owasp-london] Eventbrite - event registration cross site scripting

Justin Clarke justin.clarke at owasp.org
Fri Jul 3 17:17:53 EDT 2009

Previous message: [Owasp-london] Final Reminder/Changes to the night - Next London OWASP meeting Thursday the 9th of July, at Barclays in Canary Wharf
Next message: [Owasp-london] Greetings
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

As an aside, can whoever put "<script>alert('OWASP_XSS');</script> ' or 1=1;
--" in as their name in the event RSVP report this to Evenbrite? It is
vulnerable to XSS.

Regards

Justin Clarke
OWASP London chapter leader

Previous message: [Owasp-london] Final Reminder/Changes to the night - Next London OWASP meeting Thursday the 9th of July, at Barclays in Canary Wharf
Next message: [Owasp-london] Greetings
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Owasp-london mailing list