• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: WebObjects vulnerabilities?
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: WebObjects vulnerabilities?

  • Subject: Re: WebObjects vulnerabilities?
  • From: Ramsey Gurley <email@hidden>
  • Date: Tue, 12 Jul 2011 15:56:26 -0700
That looks like it may be an issue with ERXWOForm._appendHiddenFieldsToResponse instead of ERXRequest.

Do you have any other examples of where this can occur?

Ramsey

On Jul 12, 2011, at 12:32 PM, Simon wrote:

> here you go, i just found a WO powered site on the web that will kindly demonstrate the issue. it is sensitive to encoding, but this link should work in chrome and firefox (not got any IE's nearby to test):
>
>