[Esapi-dev] Help regarding issue 251

Jeff Williams jeff.williams at aspectsecurity.com
Thu Oct 2 20:59:43 UTC 2014


It’s a good bug.

--Jeff

From: esapi-dev-bounces at lists.owasp.org [mailto:esapi-dev-bounces at lists.owasp.org] On Behalf Of Fabio Cerullo
Sent: Thursday, October 02, 2014 4:44 PM
To: Jim Manico
Cc: esapi-dev at lists.owasp.org
Subject: Re: [Esapi-dev] Help regarding issue 251

Nalin

Thanks for your interest to fix ESAPI issues. Someone from the dev team will help you out addressing this or any other bug that might interest you.

Regards
Fabio

On Thursday, 2 October 2014, Jim Manico <jim.manico at owasp.org<mailto:jim.manico at owasp.org>> wrote:
You do not stop injection at the input validation layer, I do not
think this is a good bug.

--
Jim Manico
@Manicode
(808) 652-3805

> On Oct 2, 2014, at 10:53 AM, Nalin Goel <naling1994 at gmail.com<javascript:;>> wrote:
>
> Hi guys,
>
> I am new to open-source and would like to work with owasp-esapi.
>
> I did some research on issue 251(IsValidDate not recognizing inection attacks) and would appreciate guidance as well as feedback as to what our inputs might be.
>
> Any help on getting me started is appreciated .
> _______________________________________________
> Esapi-dev mailing list
> Esapi-dev at lists.owasp.org<javascript:;>
> https://lists.owasp.org/mailman/listinfo/esapi-dev
_______________________________________________
Esapi-dev mailing list
Esapi-dev at lists.owasp.org<javascript:;>
https://lists.owasp.org/mailman/listinfo/esapi-dev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/esapi-dev/attachments/20141002/5f687eb8/attachment-0001.html>


More information about the Esapi-dev mailing list