Date: Sun, 5 May 2002 17:33:20 -0700 (PDT) From: Doug White <dwhite@resnet.uoregon.edu> To: ReDeeMeR <g0tr00t@usa.net> Cc: www@FreeBSD.ORG Subject: Re: Cross site scripting (XSS) at www.FreeBSD.org Message-ID: <20020505173248.T85869-100000@resnet.uoregon.edu> In-Reply-To: <20020505235948.29006.qmail@uwdvg001.cms.usa.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 6 May 2002, ReDeeMeR wrote: > I recently discovered a cross site scripting vulnerability on the FreeBSD.org > website. I won't post any details of the exact bug here in case it were to > fall in to the wrong hands; however, I searched the freebsd.org website up and > down and was unable to find an email address for an active 'webmaster' -- all > I could find was this mailing list. So my question is, who do I email the > details of this bug to ? It is a bug in the site and not in the FreeBSD > operating system ... so send-pr is no good in this case. This is the correct list. If it's in cvsweb, it's probably already been fixed; someone reported one a week or two ago already. Doug White | FreeBSD: The Power to Serve dwhite@resnet.uoregon.edu | www.FreeBSD.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-www" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020505173248.T85869-100000>