[Owasp-delhi] Rediff Vulnerability

Nilesh Kumar (India) Nilesh.Kumar at sdgc.com
Thu May 28 01:30:15 EDT 2009

That's great!


Thanks a lot Nitin for your initiatives!

It only led to my getting mail from one Rediff Authority that the issue
will be solved soon, referring to my report sent to them a couple of months
back. Now fixed.


Abhay, good job done!



Nilesh Kumar CEH ISMS LA

Security Specialist

Governance, Risk & Compliance (GRC)



SDG Software India Pvt. Ltd. 
A-10, Sector 2, NOIDA 201301, (UP), INDIA
Website: www.sdgc.com 



From: owasp-delhi-bounces at lists.owasp.org
[mailto:owasp-delhi-bounces at lists.owasp.org] On Behalf Of SISA Abhay
Sent: Wednesday, May 27, 2009 7:58 PM
To: owasp-delhi at lists.owasp.org
Subject: [Owasp-delhi] Rediff Vulnerability


Hi All


I am pleased to see that the Rediff Search XSS issue has been fixed.
Although I reported the issue to Rediff, I would like to thank some
members of OWASP Delhi for having taken the matter to a higher plane and
reporting it to someone who has been proactive. 


Unfortunately, several other Rediff sites are as vulnerable to XSS as
ever. I will probably go ahead and report this issue as well. Hopefully
it gets sorted out as quickly as the previous one. 


Check it out: http://citadelnotes.blogspot.com



Abhay Bhargav



SISA Information Security (P) Ltd| Ph 91 80 41153769| Fx 91 80 41153796




