DMCA-dot-com XSS vuln reported in 2020 still live today and firm has shrugged it off

There is a live cross-site scripting (XSS) vulnerability in takedowns website DMCA-dot-com's user interface. It's existed for more than a year and the site's operators don't appear to be interested in fixing it. Infosec researcher Joel Ossi, founder of Dutch security firm Websec, announced his findings after spending more than …

    1. Joe W Silver badge

      Re: DMCA-dot-com


      (theoretically, and we certainly do not condone any illegal activity etc. etc. .... right?)

    2. b0llchit Silver badge

      Re: DMCA-dot-com

      You mean, have someone use their site to host copyrighted material? And then use their own site to take down their site by reporting their site to be hosting copyrighted material.

      That would be a nice trick :-)

      1. msobkow Silver badge

        Re: DMCA-dot-com

        You're positively evil!!!

        I like you! :D

        1. b0llchit Silver badge

          Re: DMCA-dot-com

          The evil does come at a cost... It takes many years of practice to become a professional cynic.

  2. Tubz

    No financial value in fixing a website that still allows a company to make money.

  3. HildyJ Silver badge

    Company calculus

    If 'cost of doing something' is greater than 'cost of doing nothing' then do nothing.

    If 'cost of doing nothing' is zero then you don't even have to do the first calculation.

  4. Blazde

    'XSS' bug is clearly user error

    Solution: Don't put html in the text box

    Ticket closed

    [Really common 20 years ago]

    1. mneimeyer

      Re: 'XSS' bug is clearly user error

      <laughs in "you're holding it wrong">

  5. mark l 2 Silver badge

    "It is to be hoped that someone responsible at DMCA-dot-com pays attention to this year-and-a-half-old vuln disclosure. If it's been around this long, somebody might be using it to do something bad. ®"

    If no one was taking advantage of this vulnerability before, they sure will do now it's been made public if it still hasn't been fixed.

  6. Will Godfrey Silver badge


    The gift that keeps on taking.

    Hmm, I think I've said something like that before.

