[security] MyOpenID
Dmitry Shechtman
damnian at gmail.com
Thu Mar 22 17:49:30 UTC 2007
Presumably MyOpenID had fixed that previously, but had chosen not to share
it with the community.
Regards,
Dmitry
=damnian
-----Original Message-----
From: security-bounces at openid.net [mailto:security-bounces at openid.net] On
Behalf Of gaz_sec at hushmail.com
Sent: Thursday, March 22, 2007 19:46
To: security at openid.net
Subject: Re: [security] MyOpenID
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
That is true the browser affected was safari but another OpenID
server was vulnerable to the same sort of attack across multiple
browsers.
More information about the security
mailing list