[Bug 12469] Dynamic Cross-Site Scripting and Page Repainting from bugzilla@jessica.w3.org on 2011-04-12 (public-html-bugzilla@w3.org from April 2011)

From: <bugzilla@jessica.w3.org>
Date: Tue, 12 Apr 2011 11:12:10 +0000
To: public-html-bugzilla@w3.org
Message-Id: <E1Q9bVy-00049R-E8@jessica.w3.org>

http://www.w3.org/Bugs/Public/show_bug.cgi?id=12469

--- Comment #11 from Simon <simon.young90@live.com> 2011-04-12 11:12:09 UTC ---
In addition, using the postMessage() API to return data to the external domain
is another method of returning valuable details such as  login information to
the external domain, while still looking seemingly legitimate.

Simon

-- 
Configure bugmail: http://www.w3.org/Bugs/Public/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.

Received on Tuesday, 12 April 2011 11:12:12 UTC