Brad Fitzpatrick (bradfitz) wrote in lj_dev,
Brad Fitzpatrick

XSS challenge: update

Whoa, thanks everybody.

Please, though, hold off on the XSS bug reports. We got way more than we thought. Embarassing. I was hoping for 5 or 6, not ~30.

We've fixed most of them but still have a few hard ones remaining and most the incoming emails now are dups.

Please wait for round two. (tomorrow or tomorrow night I'm guessing, after we update the test server's code...)

Don't worry, we're making tickets for all of them, and we're keeping track of each ones who/what/when of them all. We'll be doing perm accounts in a batch after we put up round two.

  • Post a new comment


    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded