|
|
|
|
Menu |
|
|
Home |
| |
|
Discussions |
| |
|
Tools |
| |
|
Affiliates |
| |
|
Content |
| |
|
Info |
| | |
|
|
|
|
|
User Info |
|
Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 143
Members: 0
Total: 143
|
|
|
|
|
|
Full disclosure |
|
|
|
|
|
|
IT Security and Insecurity Portal |
|
|
XSS URL only, what can i do with it? |
|
Posted: Mon Jul 07, 2008 6:19 am |
|
|
Medusa |
Regular user |
|
|
Joined: May 16, 2008 |
Posts: 6 |
|
|
|
|
|
|
|
basically it will do whatever it in the url, but it wont stay. it will only show for me, which isn't that great, i tried response splitting, but it didn't seem to do anything. oh yeah it accepts HTML too
so is there anything i can? with javascript maybe. update the page, redirect anything?
by the way by url(i mean like name=<script>alert etc) not like in a comment box, and what not. |
|
|
|
|
www.waraxe.us Forum Index -> Cross-site scripting aka XSS
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|