CERT Advisory on malicious scripts
This WebDNA talk-list message is from 2000
It keeps the original formatting.
numero = 26968
interpreted = N
texte = CERT has released an advisory regarding web based systems, such asmessage boards, and their ability to include malicious scripts. Thiseffects all platforms, including WebStar, and may be of interest tothose of you who might not previously been aware of the potentialproblems associated with not checking included HTML code submitted byusers are parts of messages, etc.http://www.cert.org/advisories/CA-2000-02.htmlDoes anyone have any quick method for recognizing mailcious code from formentries processed by webCat. I have to admit that one site I manage doeshave a textarea where people can enter a personal description. I just triedand was able to insert a