24 Nov
2014
24 Nov
'14
6:59 a.m.
"Nikolay" == Nikolay P <nikolay.p@cos.flag.org> writes:
Nikolay> Is there anything I can do from the syslog-ng side of Nikolay> things to close this XSS vulnerability or I have to deal Nikolay> with it in my Web application? You can apply rewrite rules that replace "<" with "<", for example, but that's more a workaround than a solution. It is the web app that you will have to teach to sanitize its input, if you want to avoid such vulnerabilities. -- |8]