Sla.ckers.org
Where you should disclose your vulnerabilities. Go read RFPolicy if you want to do responsible disclosure, and go here for when all else fails. 
Digg XSS
Posted by: Gareth Heyes
Date: May 28, 2008 09:31AM

I've found an XSS hole in Digg, anyone know their security contact email address?

------------------------------------------------------------------------------------------------------------
"People who say it cannot be done should not interrupt those who are doing it.";
labs : [www.businessinfo.co.uk]
blog : [www.thespanner.co.uk]
Hackvertor : [hackvertor.co.uk]

Re: Digg XSS
Posted by: xyberpix
Date: May 28, 2008 10:10AM

Try this one, it's not a mail addy, but I've used it in the past.

http://digg.com/bugreport

xyberpix

Re: Digg XSS
Posted by: Gareth Heyes
Date: May 28, 2008 12:58PM

@xyberpix

Cheers!

All web sites should have a security@domain policy with a page.

Update...
Submitted to that contact form. I'll give them a few days to respond; if not, I'll post the vector here.

Edited 1 time(s). Last edit at 05/28/2008 01:08PM by Gareth Heyes.
