Sunday, May 16, 2010

How to check Domino website for XSS?

I have to check possible vulnerability on website on Domino and this is my first experience, so here are some links I found useful:

http://www.codestore.net/store.nsf/unid/BLOG-20080926
http://www-01.ibm.com/support/docview.wss?rs=477&uid=swg21247201
http://www.stevecastledine.com/sc.nsf/dx/domino-blog-xss-warning
http://it.toolbox.com/blogs/enterprise-solutions/xss-vulnerability-in-lotus-notesdomino-url-handler-3439

1 comment :

Dragon Cotterill said...

It's not as simple as that. You can make any number of user input filters, but if you haven't designed your application with security in mind from the outset, then you've probably already failed.