Forum OpenACS Q&A: Response to Bugtraq: cross site scripting

Posted by David Walker on
We need to be very careful what HTML we allow in the bboards as this same
trick could be exploited by placing a 1x1 graphic in any of these bboard
messages.  The administrators will be logged in when they read those