-----BEGIN PGP SIGNED MESSAGE-----
Roy Schestowitz wrote:
> The following has just cropped up in the Topix Computer Science feed (6
> hours ago). I thought I'd share it, just in case it needs to be addressed.
> Oracle attack on Wordpress
> ,----[ Quote ]
> | This post describes the second of two vulnerabilities I found in
> | Wordpress. The first, a XSS vulnerability, was described last week. While
> | the vulnerability discussed here is applicable in fewer cases than the
> | previous one, it is an example of a comparatively rare class, oracle
> | attacks, so I think merits further exposition.
AFAICS, that vulnerability isn't a WordPress one, but rather a flaw in
Mark's Subscribe to Comments.
Senior Systems Administrator/Web Applications Developer
Lockheed Martin Advanced Technology Labs
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
wp-hackers mailing list