B10[mg]: Yet another non-informative, useless blog

Selling cookie info to third-parties is a classic example of you can make money without doing evil.

HTML::BBCode XSS

2006/02/14 filed under /perl

Alex of eVuln.com noticed a XSS bug in HTML::BBCode. Although I'm not sure whether checking for javascript:foo(bar) links is supposed to be done by the parser, I've added the option (which is enabled by default) anyways, resulting in HTML::BBCode version 1.05.

As usual, I provide a little sandbox for you to play with/in :-)

Alex was also kind enough to point me to a piece of software called "My Blog" This seems to be using my module. Yay!

Posted by: B10m | permanent link | comments (0)

Categories

Blog (8)
Freebsd (2)
Linux (21)
Metal (46)
Nanoblogger (15)
News (28)
Perl (49)
Personal (80)
Php (5)
Random Thoughts (20)
Software (40)
Web (113)

Recent Entries

Archive

2008 (24)
- December (1)
- November (1)
- October (5)
- September (1)
- August (2)
- July (1)
- June (4)
- May (2)
- April (2)
- March (2)
- February (1)
- January (2)
2007 (54)
- December (1)
- November (2)
- October (2)
- September (5)
- August (3)
- July (5)
- June (7)
- May (5)
- April (5)
- March (5)
- February (7)
- January (7)
2006 (117)
- December (5)
- November (13)
- October (2)
- September (11)
- August (12)
- July (13)
- June (7)
- May (11)
- April (5)
- March (5)
- February (17)
- January (16)
2005 (219)
- December (18)
- November (9)
- October (10)
- September (16)
- August (20)
- July (11)
- June (9)
- May (18)
- April (23)
- March (24)
- February (24)
- January (37)

Flickr

This is a Flickr badge showing public photos from B10m. Make your own badge here.

Blogroll

Spam

Akismet blocked 19711 comments
since Oct 23, 2006

Thanks

Powered by Blosxom