GregGrimes

I am a Network Analyst for the department of Information Technology Services at Mississippi State University. We use PmWiki for an internal knowledge base. We previously used TikiWiki and everyone hated it. PmWiki gives us everything we want in a nice small package. Thanks to the developers for doing a great job.


Hello Greg,

sorry for directly asking on your profile page, but I am too curious.

You reported a serious XSS vulnerability at PITS 01030. Petko asked which client-side code could actually be executed, etc.

Therefore the question to make sure: Is there any non-trivial attack possibility that we should be aware of?

Thanks,

ThomasP October 05, 2008, at 04:38 PM

(contact at my profile page)

(multiple victim of server hacks, reason unknown)