[W3af-svn-notify] [Task #146830] False positive in httpAuthDetect
Status: Beta
Brought to you by:
andresriancho
Menu
▾
▴
[W3af-svn-notify] [Task #146830] False positive in httpAuthDetect
|
From: SourceForge.net <no...@so...> - 2008-03-03 18:44:54
|
Task #146830 has been updated. Project: w3af Subproject: Plugin TODO v1.00 Summary: False positive in httpAuthDetect Complete: 0% Status: Open Authority : andresriancho Assigned to: andresriancho Description: The resource: http://www.farmacity.com.ar/user.php?op=confirmnewuser&module=NS-NewUser&uname=%22%3E%3Cimg%20src=%22javascript:alert(document.cookie);%22%3E&email=te...@te... has a user and password in the URI . The vulnerability was found in the request with id 3003. ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=146830&group_id=170274&group_project_id=50603 |
