Active XSS | Forum | WOT (Web of Trust)

Forum

Dear visitor! The webpage is only available in English. We're sorry for the inconvenience.

All Forums
Support
Active XSS

- Gr1xa on Thu 26 Feb 2009
- 02:57:10 PM UTC
Active XSS
I'm testing your site for XSS. There is an XSS in City, ZIP. I can enter alert('xss') and i can see alert-box. You can see it in my profile details. Please, set XSS-filter. Sorry for my english.
---
Я протестировал сайт на XSS-уязвимость, и заметил, что все поля в профиле не фильтруются. Пожалуйста, включите фильтрацию. Вы можете посмотреть уязвимость в моем профиле.

Be happy! =)
- Login or Register to post comments

Comments:

- Timo on Thu 26 Feb 2009
- 04:14:00 PM UTC
Re: Active XSS
Thanks for the report. The problem has now been fixed.

If someone finds a security vulnerability, I would greatly appreciate if you would first send us an email about it to support@mywot.com.
- Login or Register to post comments

Keep in touch with us

Like us on Facebook
Join the professional group on Linkedin
Follow us on Twitter
Watch WOT videos on Youtube
Grab screenshots from Flickr

What's new?

Keep up with what’s happening.

Subscribe to the WOT blog RSS feed

Support WOT’s development

Your generous contribution is appreciated by WOT’s add-on developers.

Contribute Now