Displaying 3 results from an estimated 3 matches for "xss_".
Did you mean:
tss_
2015 Aug 11
4
Apache mod_perl cross site scripting vulnerability
Hello,
I've failed latest PCI scan because of CVE-2009-0796. Centos 6.7. The
Red Hat Security Response Team has rated this issue as having moderate
security impact and bug as wontfix.
Explanation: The vulnerability affects non default configuration of
Apache HTTP web server, i.e cases, when access to Apache::Status and
Apache2::Status resources is explicitly allowed via <Location
2015 Aug 12
0
Apache mod_perl cross site scripting vulnerability
...s the entire
request URL as part of the page? You need to be using
htmlspecialchars() or HTML::Entities or whatever your
language/environment has to escape strings for safe inclusion in HTML
content.
There is of course more to it than that (sigh), try for starters:
https://www.owasp.org/index.php/XSS_%28Cross_Site_Scripting%29_Prevention_Cheat_Sheet
--ln
2015 Aug 12
2
Apache mod_perl cross site scripting vulnerability
...way to use curl for testing? I'm getting new line because of
the single quote inside string and escaping it with back slash gives me
bash: syntax error near unexpected token `<'
> There is of course more to it than that (sigh), try for starters:
> https://www.owasp.org/index.php/XSS_%28Cross_Site_Scripting%29_Prevention_Cheat_Sheet
Very nice reading, thanks!