[wp-hackers] Reputed XSS issue with WordPress (templates.php)

Elliotte Harold elharo at metalab.unc.edu
Wed Feb 14 00:33:38 GMT 2007


Petit wrote:

> Someone please explain to a naïv guy, why enabling the "Remeber me" 
> function is bad habit.

If you're not remembered, then the window of time in which you can be 
engineered into doing something bad is reduced. There is less likelihood 
that an attack will succeed.

-- 
Elliotte Rusty Harold  elharo at metalab.unc.edu
Java I/O 2nd Edition Just Published!
http://www.cafeaulait.org/books/javaio2/
http://www.amazon.com/exec/obidos/ISBN=0596527500/ref=nosim/cafeaulaitA/


More information about the wp-hackers mailing list