Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://infosec.exchange/users/ryanc/statuses/112467160531132388">Ryan Castellucci :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 19-May-2024 18:58:00 JST</a><a href="https://infosec.exchange/@ryanc" title="ryanc@infosec.exchange"><img src="https://gnusocial.jp/avatar/174285-48-20231204225121.webp" width="48" height="48" alt="Ryan Castellucci :nonbinary_flag:" style="position: absolute; left: 0; top: 0;">Ryan Castellucci :nonbinary_flag:</a><div><a href="https://infosec.exchange/@en4rab/112461905614628853" rel="in-reply-to">in reply to</a><ul><li></ul></div></section><article><p><a href="https://infosec.exchange/@en4rab">@en4rab</a> <br>Well, <a href="https://www.sslmarket.com/ssl-verification-tool/" rel="nofollow noreferrer">https://www.sslmarket.com/ssl-verification-tool/</a> is definitely vulnerable to XSS via crafted certificate.</p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/3107749#notice-6165063">In conversation</a><time datetime="2024-05-19T18:58:00+09:00" title="Sunday, 19-May-2024 18:58:00 JST">about 6 months ago</time> <span>from <span><a href="https://infosec.exchange/@ryanc/112467160531132388" rel="external" title="Sent from infosec.exchange via ActivityPub">infosec.exchange</a></span></span><a href="https://infosec.exchange/@ryanc/112467160531132388">permalink</a><h4>Attachments</h4><ol><li><article><header><div>Domain not in remote thumbnail source whitelist: www.sslmarket.com</div><h5><a href="https://www.sslmarket.com/ssl-verification-tool/">Check the SSL/TLS certificate on your server</a></h5><div> from <span>ZONER a.s.</span></div></header><div>Check the trust of the SSL/TLS certificate on your server and its deployment. Our tool will also help you solve the most common issues.</div><footer></footer></article></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
Ryan Castellucci :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 19-May-2024 18:58:00 JSTRyan Castellucci :nonbinary_flag:
in reply to
- Robin Bradshaw
@en4rab
Well, https://www.sslmarket.com/ssl-verification-tool/ is definitely vulnerable to XSS via crafted certificate.
In conversationabout 6 months ago from infosec.exchangepermalink
Attachments
1. Domain not in remote thumbnail source whitelist: www.sslmarket.com
  Check the SSL/TLS certificate on your server
  from ZONER a.s.
  Check the trust of the SSL/TLS certificate on your server and its deployment. Our tool will also help you solve the most common issues.

Public

Embed Notice

HTML Code

Corresponding Notice