[wp-forums] Faulty XSS check?

Thu Jan 6 09:49:45 UTC 2011

Well, his XSS doesn't seem to actually work. Exploit Attempt Fail.

-Otto

On Thu, Jan 6, 2011 at 2:54 AM, Sergey Biryukov
<sergeybiryukov.ru at gmail.com> wrote:
> Found a user with a strange display name: tomontoast" onclick="alert('xss')
>
> http://wordpress.org/support/profile/tomontoast
> http://buddypress.org/community/members/tomontoast/
> _______________________________________________
> wp-forums mailing list
> wp-forums at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-forums
>