[tor-talk] XSS on blog.torproject.org - 8 month old ticket?

isis isis at torproject.org
Tue Aug 19 22:22:37 UTC 2014


Nusenu transcribed 1.3K bytes:
> By coincidence I stumbled on a 8 months old ticket reporting a XSS
> vulnerability on blog.torproject.org - and it is still vulnerable.
> This is not exactly inspiring confidence.
> 
> I reassigned the ticket to phobos. Lets hope that this change something.
> 
> 
> https://trac.torproject.org/projects/tor/ticket/10440
> 

The best way to see a change done is to do it yourself. Also see
https://trac.torproject.org/projects/tor/ticket/10022 which probably explains
why no one has fixed the XSS.

-- 
 ♥Ⓐ isis agora lovecruft
_________________________________________________________
GPG: 4096R/A3ADB67A2CDB8B35
Current Keys: https://blog.patternsinthevoid.net/isis.txt
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1154 bytes
Desc: Digital signature
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20140819/4af77615/attachment.sig>


More information about the tor-talk mailing list