forked from OpenNeo/impress
Matchu
5601511ad5
This one was actually pretty darn clever - nobody's abused it, but I was reading a blog post where someone described this type of issue, I realized it was a brilliant attack, and then realized DTI was vulnerable. Oops. Thanks for the solution, Jamie! http://jamie-wong.com/2012/08/22/what-i-did-at-khan-academy/#XSS+Fix |
||
---|---|---|
.. | ||
broken_image_reports | ||
closet_hangers | ||
closet_lists | ||
contributions | ||
items | ||
layouts | ||
neopets_pages | ||
neopets_users | ||
outfits | ||
pets | ||
sitemap | ||
static | ||
users |