Small width layout Medium width layout Maximum width layout Small text Medium text Large text
     Search
Downloads Downloads Directory Directory Forums Forums Forge Forge Blogs Blogs        Marketplace Marketplace Careers Program Careers
Community › Forums Register  |  

AspDotNetStoreFront
  Ads  
Iron Speed Designer is a software development tool for building database, reporting, and forms applications for .NET without hand-coding.
 


  Sponsors  

Meet Our Sponsors

Mad Development is a full service interactive agency focusing on the merge of design, technology, e-commerce, and affiliate marketing by providing total website solutions.
SteadyRain
DataSprings - Great Ideas. Always Flowing.
R2integrated - formerly bi4ce
Jango Studios - Skins, Modules and Hosting for DotNetNuke
eUKhost.com is commited to offer exceptional UK Windows Web Hosting solutions with quality 24x7 technical support.Our plans support ASP.Net, ASP, ASP.NET Ajax extensions, XML, MSSQL, MySQL, PHP,DNN, multiple domains and Shared SSL as standard.
 


DotNetNuke Forums
 
  Forum  DotNetNuke® Pro...  Feedback Module...  Cross site scripting vulnerability, no captcha and repeated postings.
Previous Previous
 
Next Next
New Post 12/12/2007 4:32 AM
User is offline iadalang
81 posts
10th Ranked


Cross site scripting vulnerability, no captcha and repeated postings. 

Try out this link : http://www.dotnetnuke.com/tabid/1111/default.aspx

First off, the Feedback module doesn't have any Captcha field.

Next, feed in <script> d like to know what version of Feedback module was implemented here and whether the above possible vulnerabilities have been removed from the latest version.
 
 Page 1 of 1
Previous Previous
 
Next Next
  Forum  DotNetNuke® Pro...  Feedback Module...  Cross site scripting vulnerability, no captcha and repeated postings.
 


Forum Policy

These Discussion Forums are dedicated to the discussion of the DotNetNuke Web Application Framework.

For the benefit of the community and to protect the integrity of the project, please observe the following posting guidelines:

1. No Advertising. This includes promotion of commercial and non-commercial products or services which are not directly related to DotNetNuke.
2. Discussion or promotion of DotNetNuke product releases under a different brand name are strictly prohibited.
3. No Flaming or Trolling.
4. No Profanity, Racism, or Prejudice.
5. Site Moderators have the final word on approving/removing a thread or post or comment.
6. English language posting only, please.
 


Dnaxp.Net
Dnaxp.Net offers a comprehensive base of information, resources, and support for DotNetNuke.
www.dnaxp.net 		DNNMasters - modules, consulting, development
DNNMasters developers are involved in DNN development since DNN 1.0.9 and today we offer a broad range of DNN related products and services including custom development of modules, help with ing third party modules for specific needs, general DNN technical support and administrative services.
www.dnnmasters.com 		Cygnusoft Custom Software
Cygnusoft has been providing cutting-edge custom software solutions for 20 years. Cygnusoft is also a leading start-up incubator, helping our partners build successful new businesses.
www.cygnusoft.com

DotNetNuke Corporation   Terms Of Use  Privacy Statement
DotNetNuke®, DNN®, and the DotNetNuke logo are trademarks of DotNetNuke Corporation
Hosted by MaximumASP