
'You've Got Cross-Site Scripting' (Dark Reading)

Dark Reading reports on a new email alert service for cross-site scripting bugs. "So XSSed.com, a site dedicated to archiving publicly disclosed XSS bugs, is now offering a free email alert service that notifies you as soon as an XSS vulnerability affecting your Website gets indexed to its archive. XSSed claims to have the industry's largest XSS archive, with over 17,000 disclosed vulnerabilities as of this posting."

'You've Got Cross-Site Scripting' (Dark Reading)

Posted Dec 13, 2007 16:29 UTC (Thu) by aisotton (subscriber, #39278)

You can subscribe to alerts for XSS vulnerabilities for *any* site you want. I find this a
little irresponsible; basically you can (anonymously) make them scan another site for you, and
even send an E-Mail when they find something. There's "abuse" written all over that.

It'd be much better if they forced you to verify that you own a site before starting a scan.
This could easily be done by making you upload a file with a strange name (like Google does)
or some similar means.

'You've Got Cross-Site Scripting' (Dark Reading)

Posted Dec 14, 2007 20:30 UTC (Fri) by undefined (guest, #40876)

how about sending an email to webmaster@example.com?

it's even standardized: http://www.ietf.org/rfc/rfc2142.txt
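
The two ownership checks suggested in the comments above (a file with an unguessable name, or a code mailed to the RFC 2142 `webmaster@` mailbox), sketched as an added example that is not part of either comment and not XSSed.com's code. The file-name prefix `xss-alert-verify-`, the function names and the account/key values are hypothetical; fetching the file and sending the mail are left to the caller.

```python
import hashlib
import hmac
import re

# A plain hostname: dot-separated labels of letters, digits and hyphens.
_LABEL = r"(?!-)[a-z0-9-]{1,63}(?<!-)"
_HOSTNAME = re.compile(rf"{_LABEL}(\.{_LABEL})+")

def normalize(domain: str) -> str:
    """Lower-case the domain; reject paths, userinfo, whitespace, newlines."""
    d = domain.strip().lower().rstrip(".")
    if len(d) > 253 or not _HOSTNAME.fullmatch(d):
        raise ValueError(f"not a plain hostname: {domain!r}")
    return d

def _mac(key: bytes, purpose: str, account: str, domain: str) -> str:
    # Binding the value to (purpose, account, domain) means a proof published
    # for one subscriber or one site cannot be replayed for another.
    msg = "\0".join((purpose, account, normalize(domain))).encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()

def file_challenge(key: bytes, account: str, domain: str):
    """(path, body) of the file the subscriber must publish at the site root."""
    mac = _mac(key, "file", account, domain)
    return f"/xss-alert-verify-{mac[:32]}.txt", mac[32:]

def mail_challenge(key: bytes, account: str, domain: str):
    """(recipient, code): the code is mailed to the RFC 2142 webmaster mailbox."""
    return f"webmaster@{normalize(domain)}", _mac(key, "mail", account, domain)[:32]

def check_file(key: bytes, account: str, domain: str, fetched_body: str) -> bool:
    """True if the body fetched from the challenge path matches (constant time)."""
    _, expected = file_challenge(key, account, domain)
    return hmac.compare_digest(fetched_body.strip().encode(), expected.encode())

def check_mail(key: bytes, account: str, domain: str, submitted: str) -> bool:
    """True if the code typed back by the subscriber matches the mailed one."""
    _, expected = mail_challenge(key, account, domain)
    return hmac.compare_digest(submitted.strip().encode(), expected.encode())

def may_subscribe(verified: set, account: str, domain: str) -> bool:
    """Alerts go only to (account, domain) pairs that passed one of the checks."""
    return (account, normalize(domain)) in verified
```

The service would fetch the challenge path from the claimed host itself, without following redirects to another host, before calling `check_file`.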

Copyright © 2007, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.