An XSS Vulerability In The Making

Back in September, Socorro received a security bug relating to the method we were using for processing inputs for the duration of certain reports. The vulnerability included a proof of concept, with an alert box popping up on production when the link was followed. The Vulnerability I was quite surprised at the root cause of [...]

• Read the original article at Planet PHP