[VIM] wtf: StylesDemo mod XSS

Steven M. Christey coley at mitre.org
Wed Sep 19 17:28:39 UTC 2007


("wtf" means, of course, "Well, THAT'S flaky!")

Researcher: inj3ct-it
Ref: http://www.milw0rm.com/exploits/4425


The title says "multiple vulns" and the description mentions XSS but
there's no exploit code or demo URL that actually does XSS.

To me, this amounts to unactionable rumors from a researcher of
unknown reliability (or just a cut-and-paste error), so I'm tempted to
ignore it.  Unless someone else found something?

- Steve


More information about the VIM mailing list