From owner-freebsd-questions@FreeBSD.ORG Mon May 11 12:48:59 2015 Return-Path: Delivered-To: freebsd-questions@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 111DA972 for ; Mon, 11 May 2015 12:48:59 +0000 (UTC) Received: from mout.kundenserver.de (mout.kundenserver.de [212.227.126.130]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mout.kundenserver.de", Issuer "TeleSec ServerPass DE-2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 856A11CF5 for ; Mon, 11 May 2015 12:48:58 +0000 (UTC) Received: from [192.168.121.109] ([85.183.68.11]) by mrelayeu.kundenserver.de (mreue003) with ESMTPSA (Nemesis) id 0LaHU2-1ZdTXA0R5C-00lzwX for ; Mon, 11 May 2015 14:43:38 +0200 Message-ID: <5550A3F4.6070003@gaxweb.com> Date: Mon, 11 May 2015 14:43:32 +0200 From: Matthias Holl User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.6.0 MIME-Version: 1.0 To: freebsd-questions@FreeBSD.org Subject: XSS in your search input Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Provags-ID: V03:K0:vS09dOrY0S/q4NCxPI3Skn7Wy4MBHCb8ptW3Nxht6oAD5zsmqdv U47xNhgIXBTSWPqv7VG5fhKY/ybZGNw7rzfg129sd/86mSGL8B/Rz8XvnExtf3oeFxR9AO8 3qZL1oEI/AkoYUXVty7hhPFL5nRAiTQ0ZSn5gn6Q7E6q+TwrxDFr/QZ+CA7XBXdYd/eieyg aK53GwHUpTXAKSt2koSpA== X-UI-Out-Filterresults: notjunk:1; X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 May 2015 12:48:59 -0000 hi freeBSD team, i found a XSS vulnerability on your webpage (search input) cu mat