Forum OpenACS Q&A: Response to Bugtraq: cross site scripting

Posted by David Walker on
We need to be very careful what HTML we allow in the bboards as this same
trick could be exploited by placing a 1x1 graphic in any of these bboard
messages.  The administrators will be logged in when they read those
messages.
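
An added example, not part of the post above and not OpenACS code: a Python sketch of an allowlist filter for bboard message HTML that drops `<img>` and every other tag able to make a logged-in reader's browser issue a request on its own. The tag list, the `filter_message` name and the sample message are assumptions made for illustration.

```python
from html import escape
from html.parser import HTMLParser

# Assumed policy (not OpenACS's own): formatting tags only, and no attributes
# except an http(s) href on <a>. Tags that make the reader's browser fetch a
# URL by itself (img, iframe, script, link, ...) are simply not on the list.
ALLOWED = {"a", "b", "i", "em", "strong", "p", "br", "ul", "ol", "li", "pre", "blockquote"}
DROP_BODY = {"script", "style"}  # discard the element's text as well


class BboardFilter(HTMLParser):
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out, self.rejected, self.skip = [], [], 0

    def handle_starttag(self, tag, attrs):
        if tag in DROP_BODY:
            self.skip += 1
        if tag not in ALLOWED:
            self.rejected.append(tag)  # kept so a moderator can see what was removed
            return
        attr = ""
        if tag == "a":
            # Attributes are rebuilt from scratch: only a checked href survives.
            href = (dict(attrs).get("href") or "").strip()
            if href.lower().startswith(("http://", "https://")):
                attr = ' href="%s"' % escape(href, quote=True)
        self.out.append("<%s%s>" % (tag, attr))

    def handle_endtag(self, tag):
        if tag in DROP_BODY:
            self.skip = max(0, self.skip - 1)
        elif tag in ALLOWED and tag != "br":
            self.out.append("</%s>" % tag)

    def handle_data(self, data):
        if not self.skip:
            self.out.append(escape(data, quote=False))


def filter_message(html_text):
    f = BboardFilter()
    f.feed(html_text)
    f.close()
    return "".join(f.out), f.rejected


# Constructed sample: ordinary formatting followed by a 1x1 image.
SAMPLE = '<p>Nice <b>post</b>!</p><img src="http://other.example/x.gif" width="1" height="1">'
```

Filtering when the message is stored and again when it is rendered means messages saved before the policy existed are also covered.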