Small width layout Medium width layout Maximum width layout Small text Medium text Large text
     Search
Downloads Downloads Directory Directory Forums Forums Forge Forge Blogs Blogs        Marketplace Marketplace Careers Program Careers
Community › Forums Register  |  

telerik -- supercharge your DNN websites
  Ads  
Active Modules -- Active Forums for DotNetNuke
 


  Sponsors  

Meet Our Sponsors

SteadyRain
DataSprings - Great Ideas. Always Flowing.
R2integrated - formerly bi4ce
Jango Studios - Skins, Modules and Hosting for DotNetNuke
eUKhost.com is commited to offer exceptional UK Windows Web Hosting solutions with quality 24x7 technical support.Our plans support ASP.Net, ASP, ASP.NET Ajax extensions, XML, MSSQL, MySQL, PHP,DNN, multiple domains and Shared SSL as standard.
SmarterTools
 


DotNetNuke Forums
 
  Forum  DotNetNuke® Pro...  Feedback Module...  Cross site scripting vulnerability, no captcha and repeated postings.
Previous Previous
 
Next Next
New Post 12/12/2007 4:32 AM
User is offline iadalang
81 posts
10th Ranked


Cross site scripting vulnerability, no captcha and repeated postings. 

Try out this link : http://www.dotnetnuke.com/tabid/1111/default.aspx

First off, the Feedback module doesn't have any Captcha field.

Next, feed in <script> d like to know what version of Feedback module was implemented here and whether the above possible vulnerabilities have been removed from the latest version.
 
 Page 1 of 1
Previous Previous
 
Next Next
  Forum  DotNetNuke® Pro...  Feedback Module...  Cross site scripting vulnerability, no captcha and repeated postings.
 


Forum Policy

These Discussion Forums are dedicated to the discussion of the DotNetNuke Web Application Framework.

For the benefit of the community and to protect the integrity of the project, please observe the following posting guidelines:

1. No Advertising. This includes promotion of commercial and non-commercial products or services which are not directly related to DotNetNuke.
2. Discussion or promotion of DotNetNuke product releases under a different brand name are strictly prohibited.
3. No Flaming or Trolling.
4. No Profanity, Racism, or Prejudice.
5. Site Moderators have the final word on approving/removing a thread or post or comment.
6. English language posting only, please.
 


MaximumASP
MaximumASP provides a wide array of web hosting plans to fit any hosting need. We also provide software and services needed to keep it running optimally.
MaximumASP.com 		Mad Development: dotnetnuke design and development
We are an expert Dotnetnuke shop specializing in developing solutions that merge the requirements of design and branding, content management, ecommerce, search engine optimization and business logic.
www.MadDevelopment.com 		telerik
telerik r.a.d.controls suite is the most innovative and comprehensive toolset for ASP.NET development, tailored for seamless integration with the DotNetNuke project. This integrated collection of controls allows professionals to build web-solutions with the UI richness and responsiveness of desktop applications.
dnn.telerik.com

DotNetNuke Corporation   Terms Of Use  Privacy Statement
DotNetNuke®, DNN®, and the DotNetNuke logo are trademarks of DotNetNuke Corporation
Hosted by MaximumASP