March 2007 - Michael Sutton's Blog

Michael Sutton's Blog

Home
Contact

Syndication

Archives

Sort by: Most Recent | Most Viewed | Most Commented

Debug Message XSS Vulnerabilities

I was excited this afternoon when I thought that I'd stumbled upon a universal XSS vulnerability in verbose ColdFusion error messages. While testing a site, I had noted that a verbose debug error message (see below) echoed back many of the request...

Published 03-23-2007 12:35 AM by erik.peterson

Privacy Statement

Powered by Community Server (Non-Commercial Edition), by Telligent Systems

Information disclosed in this community becomes public. Exercise caution when deciding to disclose your personal information. HP reserves the right, but is not obligated to, edit or remove your comment if it contains personally identifiable information or other content HP deems unacceptable. Opinions expressed are your personal opinions or those of the original authors, and not of HP. Please see HP's web Terms of Use for more details.

Privacy statement | Using this site means you accept its terms

March 2007 - Michael Sutton's Blog

Syndication

Recent Posts

Archives

Debug Message XSS Vulnerabilities