[Owasp-leaders] xss in Owasp.org
ryan.barnett at owasp.org
Mon Mar 25 15:38:13 UTC 2013
This is not an XSS vuln. This is how wiki works. It takes data from URI and uses it as the title for a new page.
If, on the other hand, you can actually execute code then that is another issue.
On Mar 25, 2013, at 11:24 AM, Edgar Salazar <edgar.salazar at owasp.org> wrote:
> Good morning leaders, I hope you are well.
> I have reported the following XSS owasp.org.
> What actions can be taken?
> That person manages OWASP wiki?
> XSS --> http://t.co/4p4CQz1dAV
> Attached image.
> Please validate this information.
> Greetings all.
> Edgar Salazar Tovar
> OWASP Venezuela Chapter Leader
> Caracas, Venezuela
> +58 416 2810887
> Skype: eddavid.salazar
> Twitter: @3ddavid
> edgar.salazar at owasp.org
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OWASP-Leaders