[OWASP-Bangalore] [Owasp-leaders] dsanbox.owasp.org is vul Web cache poisoning attacks lead to Stored XSS?

Phuong Nam Tran phuong.namtran at owasp.org
Mon Jan 14 10:05:22 UTC 2019


Hi everyone,

I found a video from a men uploaded to youtube show how he can do a Web cache poisoning attacks lead to Stored XSS into dsanbox.owasp.org. You can watch this video bellow link:
https://www.youtube.com/watch?v=pkCOsO9o-L4

So what we need to do to prevent this in future?

Thanks,

--
Nam Tran Phuong
Addr: Floor 3, 42 Tran Quoc Toan, Hai Chau District, Da Nang city, Vietnam
Mobile: +84 934 900 955


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-bangalore/attachments/20190114/44b4cd29/attachment.html>


More information about the OWASP-Bangalore mailing list