<<< Date Index >>>     <<< Thread Index >>>

Re: Oblog XSS valnerability



Can you be more specific? I tested this vulnerability on Oblog v4.5 with the 
following XSS string:

<script>alert("xss")</script>

Both the angle brackets and quotes were filtered, so I don't believe that this 
version is vulnerable to the problem you describe.

Can you tell us what version you tested?