by Julien Ahrens | Friday, May 18, 2012 | Advisory
In April, I stumbled over a Cross-Site Scripting vulnerability on the Mozilla Developer Network! Due to improper input validation mechanisms an attacker could temporarily inject own code into user browser sessions with required user interaction using manipulated URLs:...
by Julien Ahrens | Monday, April 30, 2012 | Advisory
Some days ago…I have found a Cross-Site Scripting Vulnerability on www.suse.com – the home of the famous Linux distribution. Using this bug, an attacker could temporarily inject arbitrary code with required user interaction into the context of the website...
by Julien Ahrens | Wednesday, April 11, 2012 | Advisory
This time I have found a non-persistent xss vulnerability on one of Germany’s country-government websites. Immediatley after the finding (on 2012-03-11), I have noticed the webmaster about the vulnerability, but….no reaction. I noticed them 2 further times...
by Julien Ahrens | Wednesday, March 21, 2012 | Advisory, Exploit, RCE
This time I’ve found a more critical vulnerability with a CVSSv2 score of 7,5 coordinated by Secunia.com which has already been published on 2012-03-01, but due to a very unfortunate way of communication by Secunia, I haven’t been informed about the...
by Julien Ahrens | Monday, February 27, 2012 | Advisory
My first vulnerability advisory published through Vulnerability-Lab.com – a great community of vulnerability researchers, who add a real value to the process of finding and disclosing vulnerabilities to vendors. I’ve been looking for quite a long time...
