- From: Antonio Olmo Titos <antonio@w3.org>
- Date: Thu, 31 May 2018 10:03:08 +0200
- To: Sultan AlHussaini <sultan.alhussaini@outlook.com>
- Cc: site-comments <site-comments@w3.org>
Received on Thursday, 31 May 2018 08:03:29 UTC
On 30/05/18 Sultan AlHussaini wrote: > Dear W3 stuff, > As you are trying to develop websites and provides everything useful > and the best services to the world , also I would like to provide a > simple service to you, Actually I have discovered the XXS (reflected) > vulnerability in this URL > https://validator.w3.org/i18n-checker/check?uri= > <https://validator.w3.org/i18n-checker/check?uri=> > (Attached picture prove this) by doing a manual test and I didn’t go > far more than testing. wherefore, let the security team check and > patch it, and please let me know if you need any help. > I apologize to you if there is any breach of your policy, but I tried > to keep your site secure. > Note: I am new in penetrating testing (white hat) world, so it’s nice > to hear some words from you which supports me in my field :) > Best regards, Dear Sultan, many thanks for reporting this. We fixed the issue: https://github.com/w3c/i18n-checker/pull/76 (In the future, please direct such helpful feedback related to security to this other address instead: sysreq@w3.org .) Best regards and thank you again, -- Antonio Olmo Titos — web developer, W3C antonio@w3.org · https://w3.org/People/Antonio
Received on Thursday, 31 May 2018 08:03:29 UTC