PhpRiot
News Archive
PhpRiot Newsletter
Your Email Address:

More information

An XSS Vulerability In The Making

Note: This article was originally published at Planet PHP on 7 March 2012.
Planet PHP
Back in September, Socorro received a security bug relating to the method we were using for processing inputs for the duration of certain reports. The vulnerability included a proof of concept, with an alert box popping up on production when the link was followed. The Vulnerability I was quite surprised at the root cause of [...]