Blog moved to http://karteek.selfdabba.com

Sunday, October 7, 2007

x/10 of rediff :P

Well, when you hate something, you have to accept that it got your attention in one way or another. So, you tend to think about it. I'm no exception. Just coz I hate rediff, I started looking for XSS (Cross Site Scripting) bugs. Well, there are a total of listed in XSSed and I found a good number to prove that rediff is a very badly coded portal. One can view this page to see the bugs and see the elite-ness of rediff.

The important services offered by rediff that are vulnerable include its homepages and shopping. If you remember those dark old days of orkut when those so-called hackers took over communities they hate, it was done by exploiting the XSS vulnerability in orkut at that time. Now you can understand that whoever has their homepages on rediff, and/or people who do shopping @ rediff, are not using a secure service.

PS: Having XSS in a site doesn't make it the worst site, as even MS, Google, Yahoo had/have them. Even the MNC which I work for had a similar bug in their portal, but it was fixed as soon as they were notified through a specific channel. But I don't know why portals like rediff and mouthshut employ stubborn webmasters who hate to accept that their code has bugs. They must have either ignored or never read my mails.

1 response:

Anonymous said...

Keep rediff aside for today and njoi the day... Happy returns of the day...

~U Know Who

 


This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 2.5 License.

I'm not a lawyer to tell this in a perfect framed sentence. Frame it by yourself if you are so concerned.
Don't think about the content of this blog. Every byte is owned by its rightful owner.
Rest © 2006-2007 Karteek