[TriLUG] Google and the Triangle? Can this be true?

Aaron S. Joyner aaron at joyner.ws
Sun Apr 2 16:02:41 EDT 2006


Russell Jones wrote:

>I had to do it - did you check out my site http://www.xssfools.com ?
>  
>
I trust that you brought the XSS bugs to the attention of the authors of 
the various websites?  There are far more devious and irresponsible 
things to be done with XSS, and your site is essentially providing a 
fast and easy template to exploit known bugs with their websites.  
That's all well and good, imho, if you at least sent an email to the 
appropriate contact emails, and they ackowledged it's a bug and don't 
care.  I'm sure I don't need to point out some of the potentially bad 
things that can be done with XSS, from site-cooking stealing to 
attempting to fool the admins into visiting the URL to steal passwords / 
elevated priviledges, confidence schemes, email address harvesting (from 
logged in users), etc, etc.

Please, tinker.  But tinker responsibly.
Aaron S. Joyner



More information about the TriLUG mailing list