Re: Comments on the "new" 2518 -- XSS from Jason Crawford on 2006-03-23 (w3c-dist-auth@w3.org from January to March 2006)

From: Jason Crawford <nn683849@smallcue.com>
Date: Wed, 22 Mar 2006 22:57:38 -0500
To: Julian Reschke <julian.reschke@gmx.de>
Cc: w3c-dist-auth@w3.org
Message-ID: <OFF9178914.CD78BDDE-ON8525713A.001462F3-8525713A.0015C214@us.ibm.com>

> the big difference here is that the vulnerability is with HTML content
> even in the absence of any browser bug. I really think this is different
> from the other stuff.

I've reread the entry in bugzilla and withdraw my comment.

J.

Received on Thursday, 23 March 2006 03:58:18 UTC