[VIM] OpenEdit XSS vendor dispute
sullo at cirt.net
Tue Dec 27 22:17:31 UTC 2005
security curmudgeon wrote:
> Hi There, I am the author of OpenEdit and I wanted to clarify. The
> page variable is just the page number. So it lets you jump from page 1
> to page 100. If you pass in page -1 it will just generate an error. It
> is not a problem.
> The oe-action is possible more concern but we check for a user
> being logged in on most dangerous actions. So this is not considered a
> security problem either.
This sounds to me like a developer that doesn't get XSS. He seems to be
thinking in terms of supplying an invalid *number* to the "page"
variable, rather than supplying some arbitrary text.
Not that I would ever try such a thing on a live site, but... the demo
was down when I tried to access it.
http://www.cirt.net/ | http://www.osvdb.org/
More information about the VIM