Page 1 of 1

Cross-Site Scripting Security

Posted: Mon Feb 07, 2000 1:11 pm
by Thunderstone


Webinator, as distributed, is not subject to that as it escapes all
displayed items.

It is possible for you, as the web site administrator, to modify the Webinator
scripts so as to make them unsafe or to write your own unsafe scripts.
Escapement is generally automatic, but care should be used when using
<fmt>, <send>, <spew> and any other function that sends raw data.




Cross-Site Scripting Security

Posted: Fri Jul 11, 2008 9:59 am
by geoffrey.sanders
We have the Thunderstone appliance that is updated with the latest patches, and we still seem to vulnerable to cross site scripting. Is there a fix for this?

Cross-Site Scripting Security

Posted: Fri Jul 11, 2008 10:46 am
by John
Can you open a tech support ticket with some more details as to where you are seeing that so we can investigate.

http://www.thunderstone.com/texis/site/ ... pport.html