[P1] Plaxo and privacy
Jim Shimozawa
kotonk2 at mac.com
Thu Apr 8 05:53:49 PDT 2004
On Apr 7, 2004, at 11:23 AM, Tom R. no spam wrote:
> For a start, have you googled for any security alerts
> about this Plaxo software? I just did that quickly, and
> found eg "Plaxo Job Title field allows cross-site scripting",
> etc at http://lists.virus.org/issalert-0403/msg00004.html.
> Also, at http://seclists.org/lists/bugtraq/2004/Mar/0125.html,
> how someone was able to grab all of a person's contact list.
> And http://www.securitytracker.com/alerts/2004/Mar/1009457.html,
> which may be about the same issue. Scripting, let alone
> networked scripting, is a significant security vulnerability.
This is way over my head.
But I think I understand what you are saying.
Thanks for the warning and research.
I will definitely stay away from Plexo.
Jim
More information about the iBook
mailing list