Advisory in progress... :)
*Update - 14.02.2012*
Scenario of attack : registered user can add content to e107.
In this case, we can get two situations: sql injection and/or xss.
Still in progress (because of other projects, sorry ;))
To be continued...
No comments:
Post a Comment
What do You think...?