[Owasp-leaders] Does anyone have an email address for Benjamin Mosse?

Mark Roxberry mark.roxberry at owasp.org
Wed Apr 1 11:01:12 EDT 2009


*ben*.mosse at sift.com.au
Just a guess.

On Wed, Apr 1, 2009 at 10:58 AM, Andrea Cogliati
<andrea.cogliati at owasp.org>wrote:

> Arshan,
>
> in case you missed it, you can apparently leave a comment on the About
> page.
>
> Andrea
>
> On Apr 1, 2009, at 10:55 AM, Arshan Dabirsiaghi wrote:
>
> > He claims here that he has 2 proofs of concept for bypassing AntiSamy:
> >
> >
> http://blog.engineeringforfun.com/hacking-related/bypassing-owasps-antisamy.html
> >
> > Yet when I try both the vectors on my public-please-hack-me test
> > page, they fail:
> >
> >
> http://i8jesus.com:9080/AntiSamyDemoWebApp/test.jsp?profile=Proof+of+concept%0D%0A%3Ca+-+href%3D%22%2F%22+onmouseover%3D%22javascript%3Aalert%281%29%22%3Elink%3C%2Fa%3E%0D%0A%3Cimg+.+src%3D
> > %
> >
> > Comments are bizarrely turned off on his blog and I can’t find his
> > email. I’m trying to temper my irritation in case he actually has
> > something, but the prospect of an OWASPer trying to “out” another
> > OWASPer with non-reproducible slander is very disappointing.
> >
> > Arshan
> > _______________________________________________
> > OWASP-Leaders mailing list
> > OWASP-Leaders at lists.owasp.org
> > https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-leaders/attachments/20090401/3e61c6e5/attachment.html 


More information about the OWASP-Leaders mailing list