[VIM] Do world's famous companies take care of their security? (fwd)
Steven M. Christey
coley at linus.mitre.org
Mon Jul 31 15:47:02 EDT 2006
> Curious what the VDB crowd thinks of a list specifically created for the
> disclosure of XSS bugs?
It's definitely a gap, so I like it. Not sure what the VDB's role should
be.
> And if not XSS, substitute that with any other type.
Things like sensitive data disclosure (files under the web root) are
probably just as frequent, along with things like
unauthenticated/unauthorized changes to other people's accounts - so any
"site-specific" type of bug would count for inclusion on such a list, I'd
think.
- Steve
More information about the VIM
mailing list