Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:848
HistoryOct 27, 2000 - 12:00 a.m.

Re: Squid doesn't quote urls in error messages.

2000-10-2700:00:00
vulners.com
34

Hello Lincoln Yeoh,

27.10.00 13:47, you wrote: Squid doesn't quote urls in error messages.;

L> I noticed that Squid 2.3.STABLE4 doesn't quote urls in error
L> messages.

<skip>

L> I haven't really tried it myself, and so I can't confirm if it really works
L> (that's why it's in VULN-DEV ;) ).

I can confirm it really works. Then I open

http://123.microsoft.com/&lt;script&gt;alert&#40;this.document.cookie&#41;&lt;/script&gt;

I can see my cookie from MS site :)