- From: Miles Sabin <miles@milessabin.com>
- Date: Wed, 30 Oct 2002 10:24:17 +0000
- To: www-tag@w3.org
Rick Jelliffe wrote, > > * Unauthorized access to data stored as XML files on the parsing > > system file system (of course the attacker still needs a way to > > get these data back) > > Err, yes: this is a bit too vague to be credible isn't it. I sketched a scenario here, http://lists.xml.org/archives/xml-dev/200206/msg00247.html (see towards the middle, "unexpected information disclosure"). Maybe still a bit vague, and highly dependent on the functionality of the receiving application ... but I think the possibility is credible enough. Cheers, Miles
Received on Wednesday, 30 October 2002 05:24:48 UTC