Hacker News
by Sanddancer 4291 days ago
They finally fixed it, but when this was first posted, the whois sites didn't do any sanitization of the TXT records, which meant that they'd just slap the record into the page. As the record included HTML saying, "hey, load this script from peniscorp", loading the page would let the script loaded there do various manipulations.
1 comment

Nitpick: they should have been encoding the output not sanitising.
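
The distinction drawn in the two comments above, as an added example that is not part of the original thread: a lookup page that pastes TXT record text into HTML, a tag-stripping sanitiser that alters the data, and output encoding that leaves the data intact but inert. The record values, the `placeholder.invalid` host and all function names are constructed for illustration.

```python
import html
import re

# Constructed TXT record values (not taken from the thread). The second mirrors
# the case described above: markup asking the browser to load a script.
RECORDS = [
    "v=spf1 include:_spf.example.net ~all",
    '<script src="https://placeholder.invalid/x.js"></script>',
    'limits: a<b and c>d "quoted"',
]

def render_raw(records):
    """The 'before': record text is pasted into the page as-is."""
    return "".join(f"<li>{r}</li>" for r in records)

def strip_tags(value):
    """Sanitising by removal: changes the data it is supposed to display."""
    return re.sub(r"<[^>]*>", "", value)

def encode_html(value):
    """Output encoding: &, <, >, and both quote characters become entities."""
    return html.escape(value, quote=True)

def render_encoded(records):
    """Encode at output time, for the HTML context the value lands in."""
    items = []
    for r in records:
        text = encode_html(r)  # safe in element text and in a quoted attribute
        items.append(f'<li title="{text}">{text}</li>')
    return "".join(items)

def displayed_text(fragment):
    """What a browser shows for an encoded text node (entities decoded)."""
    return html.unescape(fragment)

if __name__ == "__main__":
    print(render_raw(RECORDS))      # markup from DNS reaches the page
    print(render_encoded(RECORDS))  # same data, rendered as text only
    print(strip_tags(RECORDS[2]))   # legitimate record is mangled
```
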