[prev in list] [next in list] [prev in thread] [next in thread] 

List:       bugtraq
Subject:    PHP Trans SID  XSS (Was: New php release with security fixes)
From:       "Sverre H. Huseby" <shh () thathost ! com>
Date:       2003-05-30 12:41:53
[Download RAW message or body]

It also fixes the following, which wasn't mentioned in the summary (or
elsewhere, as far as I can see):

  "Cross-site Scripting in PHP's Transparent Session ID Support"
   http://shh.thathost.com/secadv/2003-05-11-php.txt


Sverre.

-- 
shh@thathost.com
http://shh.thathost.com/
[prev in list] [next in list] [prev in thread] [next in thread] 

Configure | About | News | Add a list | Sponsored by KoreLogic